16 matches found
EUVD-2022-55977
WordPress Plugin amministrazione-aperta 3.7.3 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting insufficient input validation in the open parameter. Attackers can supply file paths through the open GET parameter in dispatcher.php ...
CVE-2022-50956
WordPress Plugin amministrazione-aperta 3.7.3 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting insufficient input validation in the open parameter. Attackers can supply file paths through the open GET parameter in dispatcher.php ...
CVE-2022-50956
Affected software/impact: WordPress plugin amministrazione-aperta version 3.7.3 contains a local file read vulnerability. The root cause is insufficient input validation in the open parameter used by dispatcher.php, which allows unauthenticated attackers to supply file paths to read sensitive fil...
CVE-2022-50956 WordPress Plugin amministrazione-aperta 3.7.3 Local File Read
WordPress Plugin amministrazione-aperta 3.7.3 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting insufficient input validation in the open parameter. Attackers can supply file paths through the open GET parameter in dispatcher.php ...
CVE-2022-50956
WordPress Plugin amministrazione-aperta 3.7.3 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting insufficient input validation in the open parameter. Attackers can supply file paths through the open GET parameter in dispatcher.php ...
PT-2026-39481
WordPress Plugin amministrazione-aperta 3.7.3 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting insufficient input validation in the open parameter. Attackers can supply file paths through the open GET parameter in dispatcher.php ...
WordPress plugin amministrazione-aperta 路径遍历漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
CVE-2025-52564
Chamilo is a learning management system. Prior to version 1.11.30, the open parameter of help.php fails to properly sanitize user input. This allows an attacker to inject arbitrary HTML, such as underlined text, via a crafted URL. This issue has been patched in version 1.11.30...
CVE-2025-52564 Chamilo: HTML injection via open parameter
Chamilo is a learning management system. Prior to version 1.11.30, the open parameter of help.php fails to properly sanitize user input. This allows an attacker to inject arbitrary HTML, such as underlined text, via a crafted URL. This issue has been patched in version 1.11.30...
CVE-2025-52564 Chamilo: HTML injection via open parameter
Chamilo is a learning management system. Prior to version 1.11.30, the open parameter of help.php fails to properly sanitize user input. This allows an attacker to inject arbitrary HTML, such as underlined text, via a crafted URL. This issue has been patched in version 1.11.30...
CVE-2025-52564 Chamilo: HTML injection via open parameter
Chamilo is a learning management system. Prior to version 1.11.30, the open parameter of help.php fails to properly sanitize user input. This allows an attacker to inject arbitrary HTML, such as underlined text, via a crafted URL. This issue has been patched in version 1.11.30...
CVE-2025-52564
Chamilo LMS before 1.11.30 is affected by an HTML injection vulnerability in the open parameter of help.php, allowing a crafted URL to inject arbitrary HTML. The underlying issue is insufficient sanitization of user input. The flaw has been fixed in version 1.11.30. Affected product: Chamilo LMS;...
Chamilo 安全漏洞
Chamilo is an open-source learning management system developed by Chamilo. Versions of Chamilo prior to 1.11.30 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of the open parameter in the help.php file, which could allow attackers to inject arbitrary HTML...
PT-2026-2597
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The open parameters in the drm/xe/oa module did not validate the num syncs value, potentially allowing userspace to provide excessively large values. This could lead to excessive memory...
CVE-2025-39756
CVE-2025-39756 is a Linux kernel issue where extremely high nr_open values (e.g., 1073741816) can trigger massive file descriptor table allocations that exceed INT_MAX, causing a kernel warning and impractical memory requests (>8GB) during operations near the FD limit. The root cause involves ...
libyaml 安全漏洞
libyaml is a codec library for YAML from the YAML community. A security vulnerability exists in versions of libyaml prior to 0.903.0, which stems from the use of the parameter open that may result in modification of existing files...