53 matches found
EUVD-2017-5708
Malware in sbrugna...
EUVD-2017-5707
Malware in sbrugna...
EUVD-2017-5706
Malware in sbrugna...
EUVD-2019-8994
Malware in sbrugna...
EUVD-2019-8995
Malware in sbrugna...
CVE-2022-32277
Squiz Matrix CMS 6.20 is vulnerable to an Insecure Direct Object Reference caused by failure to correctly validate authorization when submitting a request to change a user's contact details. NOTE: this is disputed by both the vendor and the original discoverer because it is a site-specific findin...
CVE-2019-19373
An issue was discovered in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5.5.2 prior to 5.5.2.4, and 5.5.3 prior to 5.5.3.3 where a user can trigger arbitrary unserialization of a PHP object from a packages/cms/pagetemplates/pageremotecontent/pageremotecontent.inc POST paramete...
CVE-2019-19374
An issue was discovered in core/assets/form/formquestiontypes/formquestiontypefileupload/formquestiontypefileupload.inc in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5.5.2 prior to 5.5.2.4, and 5.5.3 prior to 5.5.3.3 where a user can delete arbitrary files from the server...
CVE-2022-32277
Squiz Matrix CMS 6.20 is vulnerable to an Insecure Direct Object Reference caused by failure to correctly validate authorization when submitting a request to change a user's contact details. NOTE: this is disputed by both the vendor and the original discoverer because it is a site-specific findin...
CVE-2022-32277
Squiz Matrix CMS 6.20 is vulnerable to an Insecure Direct Object Reference caused by failure to correctly validate authorization when submitting a request to change a user's contact details. NOTE: this is disputed by both the vendor and the original discoverer because it is a site-specific findin...
Authorization
DISPUTED Squiz Matrix CMS 6.20 is vulnerable to an Insecure Direct Object Reference caused by failure to correctly validate authorization when submitting a request to change a user's contact details. NOTE: this is disputed by both the vendor and the original discoverer because it is a site-specif...
Squiz Matrix 安全漏洞
Squiz Matrix is a web CMS from Squiz, Inc. that helps digital marketers create and publish content while building websites without deep technical skills. A security vulnerability exists in Squiz Matrix CMS version 6.20, which stems from an insecure direct object reference vulnerability when it...
PT-2022-21201 · Squiz · Squiz Matrix Cms
Name of the Vulnerable Software and Affected Versions: Squiz Matrix CMS version 6.20 Description: The issue is caused by a failure to correctly validate authorization when submitting a request to change a user's contact details, leading to an Insecure Direct Object Reference. This allows...
CVE-2022-32277
Squiz Matrix CMS 6.20 is vulnerable to an Insecure Direct Object Reference caused by failure to correctly validate authorization when submitting a request to change a user's contact details. NOTE: this is disputed by both the vendor and the original discoverer because it is a site-specific findin...
CVE-2022-32277
Affected product: Squiz Matrix CMS 6.20. Vulnerability: Insecure Direct Object Reference caused by failure to correctly validate authorization when submitting a request to change a user’s contact details. Impact (as stated): Confidentiality: None; Integrity: Low; Availability: None. Root cause / ...
Squiz Matrix CMS 5.5.x.x Code Execution / Information Disclosure Vulnerabilities
Exploit for php platform in category web applications Introduction ============ ZX Security identified several vulnerabilities the Squiz Matrix CMS that can be chained together to gain pre-authenticated remote code execution in some circumstances. Affected Versions ================= The issues in...
Squiz Matrix CMS 5.5.x.x Code Execution / Information Disclosure
Introduction ============ ZX Security identified several vulnerabilities the Squiz Matrix CMS that can be chained together to gain pre-authenticated remote code execution in some circumstances. Affected Versions ================= The issues in this advisory affect the following versions of Squiz...
Squiz Matrix CMS PHP Object Arbitrary Deserialization Vulnerability
Squiz Matrix CMS is an open source content management system with a highly usable interface. Squiz Matrix CMS suffers from an arbitrary PHP object deserialization vulnerability, which can be exploited to trigger arbitrary deserialization of PHP objects from the...
Squiz Matrix CMS Arbitrary File Deletion Vulnerability
Squiz Matrix CMS is an open source content management system with a highly usable interface. An arbitrary file deletion vulnerability exists in core/assets/form/form/formquestiontypes/formquestiontypefileupload/formquestiontypefileupload.inc in Squiz Matrix CMS. An attacker can exploit this...
CVE-2019-19374
An issue was discovered in core/assets/form/formquestiontypes/formquestiontypefileupload/formquestiontypefileupload.inc in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5.5.2 prior to 5.5.2.4, and 5.5.3 prior to 5.5.3.3 where a user can delete arbitrary files from the server...