CVE-2023-53871

Soosyze 2.0.0 contains a file upload vulnerability that allows attackers to upload arbitrary HTML files with embedded PHP code to the application. Attackers can exploit the broken file upload mechanism to potentially view sensitive file paths and execute malicious PHP scripts on the server...

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview langchain-core is a Building applications with LLMs through composability Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere in the ImagePromptTemplate in image.py, which can be instantiated with input variables...

IBM Sterling File Gateway 信息泄露漏洞

IBM Sterling File Gateway is a suite of file transfer software from IBM Corporation. The software integrates different file transfer activity centers and helps file-based data to be securely exchanged over the Internet.An information disclosure vulnerability exists in IBM Sterling File Gateway,...

PT-2005-2673 · Postnuke · Postnuke

Name of the Vulnerable Software and Affected Versions: PostNuke versions 0.750 through 0.760RC3 Description: The issue allows remote attackers to obtain sensitive information via direct requests to various files, including theme.php and Xanthia.php in the Xanthia module, multiple files in the...

SBox 1.0.4 - Full Path Disclosure

source: https://www.securityfocus.com/bid/8705/info sbox has been reported prone to a path disclosure vulnerability. The issue has been reported to present itself when a HTTP request is made for a CGI resource that does not exist. sbox will reportedly return an error message that contains path...