15 matches found
WatchGuard Fireware OS 安全漏洞
WatchGuard Fireware OS is a software operated by the American company WatchGuard, running on Firebox devices. Versions 12.7 to 12.11.7 and 2025.1 to 2026.1.1 of WatchGuard Fireware OS contain security vulnerabilities. These vulnerabilities stem from reflective cross-site scripting in the Fireware...
School Fees Management System 安全漏洞
School Fees Management System is a tuition management system. A security vulnerability exists in School Fees Management System version v1.0 that originates from a broken access control in /admin/management/users...
Directory Traversal
Gravitee API Management is vulnerable to path traversal. The vulnerability exists in the Email service due to an html injection which allows an attacker to read arbitrary files via a /management/users/register request...
CVE-2019-25075
HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a /management/users/register request...
CVE-2019-25075
HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a /management/users/register request...
Path traversal
HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a /management/users/register request...
Gravitee API Management 跨站脚本漏洞
Gravitee API Management is the open source Gravitee API management tool. A security vulnerability exists in Gravitee API Management prior to version 1.25.3, which stems from a combination of HTML injection and path traversal in the email service, allowing an anonymous user to read arbitrary files...
Wildfly Authorization Misconfiguration
A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server...
GHSA-82V2-F875-73G9 Wildfly Authorization Misconfiguration
A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server...
CVE-2021-20031
A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains...
CVE-2021-20031
A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains...
wildfly-core: Invalid Sensitivity Classification of Vault Expression
A flaw was found in wildfly-core in all versions. If a vault expression is in the form of a single attribute that contains multiple expressions, a user who was granted access to the management interface can potentially access a vault expression they should not be able to access and possibly...
CVE-2019-14838
A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server...
Design/Logic Flaw
A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server...
CVE-2019-14838
A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server...