4 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-54146
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the template function of hosttemplates.php using...
CVE-2025-24367 Cacti allows Arbitrary File Creation leading to RCE
Cacti is an open source performance and fault management framework. An authenticated Cacti user can abuse graph creation and graph template functionality to create arbitrary PHP scripts in the web root of the application, leading to remote code execution on the server. This vulnerability is fixed...
CVE-2024-28122 JWX vulnerable to a denial of service attack using compressed JWE message
JWX is Go module implementing various JWx JWA/JWE/JWK/JWS/JWT, otherwise known as JOSE technologies. This vulnerability allows an attacker with a trusted public key to cause a Denial-of-Service DoS condition by crafting a malicious JSON Web Encryption JWE token with an exceptionally high...
CVE-2023-32685 Clipboard based cross-site scripting (blocked with default CSP) in Kanboard
Kanboard is project management software that focuses on the Kanban methodology. Due to improper handling of elements under the contentEditable element, maliciously crafted clipboard content can inject arbitrary HTML tags into the DOM. A low-privileged attacker with permission to attach a document...