44 matches found
CVE-2005-1083
index.php in aeDating 3.2 allows remote attackers to include arbitrary files via the skin parameter...
EUVD-2006-6262
Malware in sbrugna...
EUVD-2005-1086
Malware in sbrugna...
EUVD-2008-4412
Malware in sbrugna...
EUVD-2006-6261
Malware in sbrugna...
EUVD-2021-32066
Malicious code in bioql PyPI...
CVE-2023-46948
A reflected Cross-Site Scripting XSS vulnerability was found on Temenos T24 Browser R19.40 that enables a remote attacker to execute arbitrary JavaScript code via the skin parameter in the about.jsp and genrequest.jsp components...
CVE-2023-46948
A reflected Cross-Site Scripting XSS vulnerability was found on Temenos T24 Browser R19.40 that enables a remote attacker to execute arbitrary JavaScript code via the skin parameter in the about.jsp and genrequest.jsp components...
CVE-2024-7926
A vulnerability classified as critical has been found in ZZCMS 2023. Affected is an unknown function of the file /admin/aboutedit.php?action=modify. The manipulation of the argument skin leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the...
CVE-2024-7924
A vulnerability was found in ZZCMS 2023. It has been declared as critical. This vulnerability affects unknown code of the file /I/list.php. The manipulation of the argument skin leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...
PT-2024-38692 · Zzcms · Zzcms
Name of the Vulnerable Software and Affected Versions: ZZCMS version 2023 Description: A critical vulnerability has been found in ZZCMS. The issue affects an unknown function of the file /admin/about edit.php?action=modify. The manipulation of the skin argument leads to path traversal. It is...
ZZCMS 路径遍历漏洞
ZZCMS is a content management system CMS by the ZZCMS team in China. A path traversal vulnerability exists in ZZCMS version 2023, which stems from the parameter skin in the file /admin/aboutedit.php?action=modify that causes path traversal. No details of the vulnerability are provided at this tim...
ZZCMS 路径遍历漏洞
ZZCMS is a content management system CMS by the ZZCMS team in China. A path traversal vulnerability exists in ZZCMS version 2023, which stems from the parameter skin in the file /admin/class.php?dowhat=modifyclass that causes path traversal. No details of the vulnerability are provided at this ti...
VulnCheck KEV: CVE-2013-7091
Directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zimbra 7.2.2 and 8.0.2 allows remote attackers to read arbitrary files via a .. dot dot in the skin parameter. NOTE: this can be leveraged to execute arbitrary code by...
CVE-2021-45286
Directory Traversal vulnerability exists in ZZCMS 2021 via the skin parameter in 1 index.php, 2 bottom.php, and 3 topindex.php...
Directory traversal
Directory Traversal vulnerability exists in ZZCMS 2021 via the skin parameter in 1 index.php, 2 bottom.php, and 3 topindex.php...
CVE-2016-10975
The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has reflected XSS via the skin parameter...
DEBIAN-CVE-2015-8770
Directory traversal vulnerability in the setskin function in program/include/rcmailoutputhtml.php in Roundcube before 1.0.8 and 1.1.x before 1.1.4 allows remote authenticated users with certain permissions to read arbitrary files or possibly execute arbitrary code via a .. dot dot in the skin...
UBUNTU-CVE-2015-8770
Directory traversal vulnerability in the setskin function in program/include/rcmailoutputhtml.php in Roundcube before 1.0.8 and 1.1.x before 1.1.4 allows remote authenticated users with certain permissions to read arbitrary files or possibly execute arbitrary code via a .. dot dot in the skin...
Debian DLA-392-1 : roundcube security update
High-Tech Bridge Security Research Lab discovered a path traversal vulnerability in a popular webmail client Roundcube. Vulnerability can be exploited to gain access to sensitive information and under certain circumstances to execute arbitrary code and totally compromise the vulnerable server. Th...