7 matches found
CVE-2019-20390
A Cross-Site Request Forgery CSRF vulnerability was discovered in Subrion CMS 4.2.1 that allows a remote attacker to remove files on the server without a victim's knowledge, by enticing an authenticated user to visit an attacker's web page. The application fails to validate the CSRF token for a G...
EUVD-2024-38203
Malicious code in bioql PyPI...
EUVD-2022-3510
Malicious code in bioql PyPI...
CVE-2024-39718
An improper input validation vulnerability that allows a low-privileged user to remotely remove files on the system with permissions equivalent to those of the service account...
CVE-2024-39718
CVE-2024-39718 is a vulnerability in Veeam Backup & Replication 12.x (notably affected builds include 12.1.2.172 and earlier) where a low-privileged user can remotely remove files with the service account’s permissions due to improper input validation. Connected sources confirm this CVE affects m...
PT-2024-2531 · Jetbrains · Teamcity
Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2024.03 Description: The issue is related to improper input validation in JetBrains TeamCity, a continuous integration and continuous delivery CI/CD system. This could allow a remote attacker to gain acces...
CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Remote Arbitrary File Removal
The following pre-advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSEC-SecurityPre-AdvisorySAPIGSRemoteArbitraryFileRemoval.pdf CYBSEC S.A. www.cybsec.com Pre-Advisory Name: SAP Internet Graphics Service IGS Remote Arbitrary File Removal ==================...