12 matches found
Samarium code issue vulnerability
Samarium is an open source business management system by oitcode individual developers. A code issue vulnerability exists in Samarium version 0.9.6 and earlier, which stems from an unrestricted upload in files/dashboard/product and could lead to a remote attack...
CVE-2021-41191
Roblox-Purchasing-Hub is an open source Roblox product purchasing hub. A security risk in versions 1.0.1 and prior allowed people who have someone's API URL to get product files without an API key. This issue is fixed in version 1.0.2. As a workaround, add @requireapikey in BOT/lib/cogs/website.p...
CVE-2021-41191
Roblox-Purchasing-Hub is an open source Roblox product purchasing hub. A security risk in versions 1.0.1 and prior allowed people who have someone's API URL to get product files without an API key. This issue is fixed in version 1.0.2. As a workaround, add @requireapikey in BOT/lib/cogs/website.p...
Code injection
Roblox-Purchasing-Hub is an open source Roblox product purchasing hub. A security risk in versions 1.0.1 and prior allowed people who have someone's API URL to get product files without an API key. This issue is fixed in version 1.0.2. As a workaround, add @requireapikey in BOT/lib/cogs/website.p...
CVE-2021-41191
Summary of CVE-2021-41191: Roblox-Purchasing-Hub (open-source) had a vulnerability in versions 1.0.1 and earlier allowing someone who has another user's API URL to obtain product files without an API key. The issue has been fixed in version 1.0.2. A workaround mentioned in the sources is to add an...
Roblox-Purchasing-Hub security vulnerability
Roblox-Purchasing-Hub is a Roblox product purchasing center. A security vulnerability exists in Roblox-Purchasing-Hub version 1.0.1 and earlier versions that allows someone who has someone else's API URL to obtain product files without an API key...
Security Bulletin: Financial Transaction Manager for Digital Payments is affected by a potential directory listing of internal product files vulnerability (CVE-2018-2026)
Summary: Financial Transaction Manager for Digital Payments FTM DP for Multi-Platform has addressed the following vulnerability. A potential directory listing vulnerability could allow an authenticated user to obtain a directory listing of internal product files. Vulnerability Details: CVEID:...
Security Bulletin: Financial Transaction Manager for Corporate Payment Services for Multi-Platform v2.1.1 is affected by a potential directory listing of internal product files vulnerability (CVE-2018-2026)
Summary: Financial Transaction Manager for Corporate Payment Services for Multi-Platform FTM CPS has addressed the following vulnerability. A potential directory listing vulnerability could allow an authenticated user to obtain a directory listing of internal product files. Vulnerability Details...
CVE-2018-2026
IBM Financial Transaction Manager 3.2.1 for Digital Payments could allow an authenticated user to obtain a directory listing of internal product files. IBM X-Force ID: 155552...
CVE-2018-2026
IBM Financial Transaction Manager 3.2.1 for Digital Payments could allow an authenticated user to obtain a directory listing of internal product files. IBM X-Force ID: 155552...
CVE-2018-2026
IBM Financial Transaction Manager 3.2.1 for Digital Payments could allow an authenticated user to obtain a directory listing of internal product files. IBM X-Force ID: 155552...
Design/Logic Flaw
An issue was discovered in TotalAV v4.1.7. An unprivileged user could modify or overwrite all of the product's files because of weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users to gain privileges or obtain maximum control over the product...