26 matches found
[SECURITY] Fedora 43 Update: dokuwiki-20250514b-3.fc43
DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creati ng documentation of any kind. It has a simple but powerful syntax which makes su re the data-files remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no...
[SECURITY] Fedora 44 Update: dokuwiki-20250514b-5.fc44
DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creati ng documentation of any kind. It has a simple but powerful syntax which makes su re the data-files remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no...
CVE-2026-39864 Kamailio Auth: Processing Vulnerability For Additional Authenticated User Identity Checks
Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the auth module of Kamailio formerly OpenSER and SER allows remote attackers to cause a denial of service process crash via a specially crafted SIP packet if a successful user...
CVE-2026-39864
Kamailio (SIP signaling server) is affected by CVE-2026-39864 in the auth module. An out-of-bounds read allows remote attackers to trigger a denial of service (process crash) by sending a specially crafted SIP packet after a successful user authentication that did not involve a database backend, ...
CVE-2026-39864 Kamailio Auth: Processing Vulnerability For Additional Authenticated User Identity Checks
Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the auth module of Kamailio formerly OpenSER and SER allows remote attackers to cause a denial of service process crash via a specially crafted SIP packet if a successful user...
CVE-2026-39864
Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the auth module of Kamailio formerly OpenSER and SER allows remote attackers to cause a denial of service process crash via a specially crafted SIP packet if a successful user...
EUVD-2026-10920
Sylius has a Promotion Usage Limit Bypass via Race Condition...
CVE-2020-37111
60CycleCMS 2.5.2 contains a cross-site scripting XSS vulnerability in news.php that allows attackers to inject malicious scripts through GET parameters. Attackers can craft malicious URLs with XSS payloads targeting the 'etsu' and 'ltsu' parameters to execute arbitrary scripts in victim's browser...
[SECURITY] Fedora 42 Update: python-flask-3.1.2-2.fc42
Flask is called a =E2=80=9Cmicro-framework=E2=80=9D because the idea to keep the core simple but extensible. There is no database abstraction layer, no form validation or anything else where different libraries already exist that can handle that. However Flask knows the concept of extensions that...
[SECURITY] Fedora 42 Update: dokuwiki-20240206b-1.fc42
DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creati ng documentation of any kind. It has a simple but powerful syntax which makes su re the data-files remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no...
FlatPress 安全漏洞
FlatPress is a Php-based blog builder without database support from the FlatPress community. A security vulnerability exists in Flatpress version 1.3. An attacker exploited the vulnerability to inject malicious scripts into web pages viewed by other users...
FlatPress 跨站脚本漏洞
FlatPress is a Php-based blog builder without database support from the FlatPress community. A cross-site scripting vulnerability exists in FlatPress versions prior to 1.3. An attacker can exploit this vulnerability to perform cross-site scripting attacks...
FlatPress 跨站脚本漏洞
FlatPress is a Php-based blog builder without database support from the FlatPress community. A cross-site scripting vulnerability exists in FlatPress versions prior to 1.3. An attacker can exploit this vulnerability to perform cross-site scripting attacks...
FlatPress 跨站脚本漏洞
FlatPress is a Php-based blog builder without database support from the FlatPress community. A cross-site scripting vulnerability exists in FlatPress versions prior to 1.3. An attacker can exploit this vulnerability to perform cross-site scripting attacks...
FlatPress 路径遍历漏洞
FlatPress is a Php-based blog builder without database support for the FlatPress community. A path traversal vulnerability exists in FlatPress versions prior to 1.3, which can be exploited by an attacker to perform path traversal...
Flatpress 代码问题漏洞
FlatPress is a Php-based blog builder without database support from the FlatPress community. A code issue vulnerability exists in Flatpress versions prior to v1.2.1, which stems from a Remote Code Execution RCE vulnerability contained in the upload file feature...
CMSimple 4.4, 4.4.2 - Remote File Inclusion
No description provided by source. ============================================================================================================= o CMSimple - Open Source CMS with no database = Remote File Inclusion Vulnerability Software : CMSimple - Open Source CMS with no database Version : 4.4...
CMSimple 4.44.4.2 - Remote File Inclusion
CMSimple 4.44.4.2 - Remote File Inclusion ============================================================================================================= o CMSimple - Open Source CMS with no database = Remote File Inclusion Vulnerability Software : CMSimple - Open Source CMS with no database Versio...
CMSimple 4.4/4.4.2 - Remote File Inclusion
============================================================================================================= o CMSimple - Open Source CMS with no database = Remote File Inclusion Vulnerability Software : CMSimple - Open Source CMS with no database Version : 4.4, 4.4.2 and below Vendor :...
CMSimple 4.4.2 Remote File Inclusion
============================================================================================================= o CMSimple - Open Source CMS with no database = Remote File Inclusion Vulnerability Software : CMSimple - Open Source CMS with no database Version : 4.4, 4.4.2 and below Vendor :...