Lucene search
K

3 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/08/14 7:46 a.m.9 views

Security Bulletin: IBM Engineering Lifecycle Optimization - Publishing - Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file

Summary Scala could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in LazyList. By sending specially-crafted request using gadget chain, an attacker could exploit this vulnerability to execute arbitrary code, erase contents of...

9.8CVSS7.9AI score0.08343EPSS
Exploits1Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/29 12:0 a.m.7 views

The vulnerability of the publishing module of the SPIP content management system allows attackers to execute cross-site scripting attacks (XSS).

The vulnerability of the SPIP content management system’s publishing module is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

7.5CVSS5.2AI score
Exploits0References4Affected Software2
CNVD
CNVD
added 2017/03/04 12:0 a.m.4 views

File upload vulnerability in PHPCMS Content Publishing Management function module

PHPCMS is a website management software. The software adopts modular development and supports a variety of classification methods, using it can easily realize the design, development and maintenance of personalized websites. There is a file upload vulnerability in the PHPCMS content publishing...

7.3AI score
Exploits0References1
Rows per page
Query Builder