15 matches found
Smanga security vulnerability
Smanga is a Docker-based comic streaming reading tool developed by lkw199711. Version 3.2.7 of Smanga has a security vulnerability. This vulnerability stems from improper handling of the mediaId parameter in the /php/path/rescan.php interface. It could allow unverified attackers to inject operati...
CVE-2024-34193
smanga 3.2.7 does not filter the file parameter at the PHP/get file flow.php interface, resulting in a path traversal vulnerability that can cause arbitrary file reading...
EUVD-2002-1179
Malware in sbrugna...
EUVD-2024-34675
Malicious code in bioql PyPI...
VulnCheck KEV: CVE-2024-34193
smanga 3.2.7 does not filter the file parameter at the PHP/get file flow.php interface, resulting in a path traversal vulnerability that can cause arbitrary file reading...
SystemBC Malware's C2 Server Analysis Exposes Payload Delivery Tricks
Cybersecurity researchers have shed light on the command-and-control (C2) server workings of a known malware family called SystemBC. "SystemBC can be purchased on underground marketplaces and is supplied in an archive containing the implant, a command-and-control (C2) server, and a web administration...
PT-2024-1260 · Uniview · Uniview Isc 2500-S
Name of the Vulnerable Software and Affected Versions: Uniview ISC 2500-S versions up to 20210930. Description: A critical vulnerability has been found in the Uniview ISC 2500-S, affecting the function setNatConfig of the file /Interface/DevManage/VM.php. The manipulation of the arguments...
SUSE CVE-2017-7963
The GNU Multiple Precision Arithmetic Library (GMP) interfaces for PHP through 7.1.4 allow attackers to cause a denial of service (memory consumption and application crash) via operations on long strings. NOTE: the vendor disputes this, stating "There is no security issue here, because GMP safely...
SOURCEFORGE MagpieRSS code issue vulnerability
SOURCEFORGE MagpieRSS is an open source application from SOURCEFORGE: a simple, practical PHP interface used to parse RSS 1.0 and earlier versions. MagpieRSS 0.72 has a security vulnerability where the curl command in /extlib/Snoopy.class.inc is not validated...
Arbitrary file reading vulnerability in the cu***.php interface of the background of the Tianqing security isolation and information exchange system
Tianqing Security Isolation and Information Exchange System is the access control switch equipment with network isolation technology independently developed by Qixing Information Technology Co., Ltd, which provides high security isolation protection for key data. There is an arbitrary file readin...
UBUNTU-CVE-2017-7963
The GNU Multiple Precision Arithmetic Library (GMP) interfaces for PHP through 7.1.4 allow attackers to cause a denial of service (memory consumption and application crash) via operations on long strings. NOTE: the vendor disputes this, stating "There is no security issue here, because GMP safely...
Debian: Security Advisory (DSA-169)
The remote host is missing an update for the Debian...
CVE-2002-1195
Cross-site scripting vulnerability (XSS) in the PHP interface for ht://Check 1.1 allows remote web servers to insert arbitrary HTML, including script, via a web page...
CVE-2002-1195
Cross-site scripting vulnerability (XSS) in the PHP interface for ht://Check 1.1 allows remote web servers to insert arbitrary HTML, including script, via a web page...
DSA-169 htcheck - cross site scripting
Bulletin has no description...