15 matches found
Craft CMS 信息泄露漏洞
Craft CMS is a content management system CMS open source by Craft CMS. An information disclosure vulnerability exists in Craft CMS versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16, which stems from improper handling of a user's profile photo, which could lead to the exposure of...
EUVD-2015-8666
Malware in sbrugna...
Simple File Manager 代码问题漏洞
SourceCodester File Manager is a file manager. A code issue vulnerability exists in Simple File Manager version 1.0, which stems from an incorrect manipulation of photo resulting in unrestricted uploads...
Roundcube Webmail < 1.0.6, 1.1.x < 1.1.2 Directory Traversal Vulnerability
Roundcube Webmail is prone to a directory traversal vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
DEBIAN-CVE-2015-8794
Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full pathname in the alt parameter, related to contact photo handling...
CVE-2015-8794
Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full pathname in the alt parameter, related to contact photo handling...
CVE-2015-8794
Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full pathname in the alt parameter, related to contact photo handling...
UBUNTU-CVE-2015-8794
Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full pathname in the alt parameter, related to contact photo handling...
CVE-2015-8794
Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full pathname in the alt parameter, related to contact photo handling...
Path traversal
Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full pathname in the alt parameter, related to contact photo handling...
CVE-2015-8794
Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full pathname in the alt parameter, related to contact photo handling...
CVE-2015-8794
Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full pathname in the alt parameter, related to contact photo handling...
FreeBSD : roundcube -- multiple vulnerabilities (038a5808-24b3-11e5-b0c8-bf4d8935d4fa)
Roundcube reports : We just published updates to both stable versions 1.0 and 1.1 after fixing many minor bugs and adding some security improvements to the 1.1 release branch. Version 1.0.6 comes with cherry-picked fixes from the more recent version to ensure proper long term support especially i...
openSUSE Security Update : roundcubemail (openSUSE-2015-454)
roundcubemail was updated to version 1.0.6 to fix many minor bugs and two security issues. The security-related fixes in particular are : - security improvement in DBMail driver of password plugin - security improvement in contact photo handling %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
roundcube -- multiple vulnerabilities
Roundcube reports: We just published updates to both stable versions 1.0 and 1.1 after fixing many minor bugs and adding some security improvements to the 1.1 release branch. Version 1.0.6 comes with cherry-picked fixes from the more recent version to ensure proper long term support especially in...