2 matches found
Axis Communications AXIS OS Path Traversal (CVE-2024-0067)
A researcher in the AXIS OS Bug Bounty Program has found that the VAPIX API ledlimit.cgi was vulnerable for path traversal attacks allowing to list folder/file names on the local file system of the Axis device. Axis has released patched AXIS OS versions for this flaw. This plugin only works with...
Weblate 跨站请求伪造漏洞
Weblate is a Copyleft open source web-based free software continuous localization system. A cross-site request forgery vulnerability exists in Weblate versions prior to 5.15, which stems from an unvalidated or uncleaned repository URL field in the Create Component function, and could lead to...