44 matches found
CVE-2005-1083
index.php in aeDating 3.2 allows remote attackers to include arbitrary files via the skin parameter...
EUVD-2005-1086
Malware in sbrugna...
EUVD-2006-6261
Malware in sbrugna...
EUVD-2006-6262
Malware in sbrugna...
EUVD-2008-4412
Malware in sbrugna...
EUVD-2021-32066
Malicious code in bioql PyPI...
CVE-2023-46948
A reflected Cross-Site Scripting XSS vulnerability was found on Temenos T24 Browser R19.40 that enables a remote attacker to execute arbitrary JavaScript code via the skin parameter in the about.jsp and genrequest.jsp components...
CVE-2023-46948
A reflected Cross-Site Scripting XSS vulnerability was found on Temenos T24 Browser R19.40 that enables a remote attacker to execute arbitrary JavaScript code via the skin parameter in the about.jsp and genrequest.jsp components...
CVE-2024-7926
A vulnerability classified as critical has been found in ZZCMS 2023. Affected is an unknown function of the file /admin/aboutedit.php?action=modify. The manipulation of the argument skin leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the...
CVE-2024-7924
A vulnerability was found in ZZCMS 2023. It has been declared as critical. This vulnerability affects unknown code of the file /I/list.php. The manipulation of the argument skin leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...
ZZCMS 路径遍历漏洞
ZZCMS is a content management system CMS by the ZZCMS team in China. A path traversal vulnerability exists in ZZCMS version 2023, which stems from the parameter skin in the file /admin/class.php?dowhat=modifyclass that causes path traversal. No details of the vulnerability are provided at this ti...
PT-2024-38692 · Zzcms · Zzcms
Name of the Vulnerable Software and Affected Versions: ZZCMS version 2023 Description: A critical vulnerability has been found in ZZCMS. The issue affects an unknown function of the file /admin/about edit.php?action=modify. The manipulation of the skin argument leads to path traversal. It is...
ZZCMS 路径遍历漏洞
ZZCMS is a content management system CMS by the ZZCMS team in China. A path traversal vulnerability exists in ZZCMS version 2023, which stems from the parameter skin in the file /admin/aboutedit.php?action=modify that causes path traversal. No details of the vulnerability are provided at this tim...
VulnCheck KEV: CVE-2013-7091
Directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zimbra 7.2.2 and 8.0.2 allows remote attackers to read arbitrary files via a .. dot dot in the skin parameter. NOTE: this can be leveraged to execute arbitrary code by...
CVE-2021-45286
Directory Traversal vulnerability exists in ZZCMS 2021 via the skin parameter in 1 index.php, 2 bottom.php, and 3 topindex.php...
Directory traversal
Directory Traversal vulnerability exists in ZZCMS 2021 via the skin parameter in 1 index.php, 2 bottom.php, and 3 topindex.php...
CVE-2016-10975
The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has reflected XSS via the skin parameter...
DEBIAN-CVE-2015-8770
Directory traversal vulnerability in the setskin function in program/include/rcmailoutputhtml.php in Roundcube before 1.0.8 and 1.1.x before 1.1.4 allows remote authenticated users with certain permissions to read arbitrary files or possibly execute arbitrary code via a .. dot dot in the skin...
UBUNTU-CVE-2015-8770
Directory traversal vulnerability in the setskin function in program/include/rcmailoutputhtml.php in Roundcube before 1.0.8 and 1.1.x before 1.1.4 allows remote authenticated users with certain permissions to read arbitrary files or possibly execute arbitrary code via a .. dot dot in the skin...
Debian DLA-392-1 : roundcube security update
High-Tech Bridge Security Research Lab discovered a path traversal vulnerability in a popular webmail client Roundcube. Vulnerability can be exploited to gain access to sensitive information and under certain circumstances to execute arbitrary code and totally compromise the vulnerable server. Th...