2 matches found
PT-2024-32320 · Unknown · Ruby On Rails +1
Name of the Vulnerable Software and Affected Versions: Camaleon CMS versions prior to 2.8.2
Description: An arbitrary file write vulnerability accessible via the upload method of the MediaController allows authenticated users to write arbitrary files to any location on the web server Camaleon CMS...
PT-2023-18897 · Ciq Api · Ciq Api
Name of the Vulnerable Software and Affected Versions: CIQ API versions 1.2.0 through 4.1.7
Description: The Toybox.GenericChannel.setDeviceConfig API method does not validate its parameter, which can result in buffer overflows when copying various attributes. A malicious application could call t...