SSCMS 安全漏洞

SSCMS SiteServerCMS is a content management system from China's Bailong Qianwei SSCMS company. A security vulnerability exists in SSCMS SiteServerCMS v7.3.1, which originates from a directory traversal vulnerability in the component /stl/actions/download?filePath...

CVE-2019-9960

The downloadZip function in application/controllers/admin/export.php in LimeSurvey through 3.16.1+190225 allows a relative path...

PT-2019-14911 · Fusionpbx · Fusionpbx

Name of the Vulnerable Software and Affected Versions: FusionPBX versions up to 4.5.7 Description: The issue concerns the use of an unsanitized file variable in the music on hold.php file, which allows the download of any pathname, provided it is base64 encoded, when coming from the URL...

DoorGets Sensitive Information Disclosure Vulnerability (CNVD-2019-13793)

DoorGets is a free and open source content management system. A sensitive information disclosure vulnerability exists in /fileman/php/download.php in doorGets 7.0. A remote, unauthenticated attacker can exploit this vulnerability to obtain sensitive information about the server...