
16 matches found

AstraLinux
added 2026/05/20 5:53 a.m. · 3 views

Astra Linux - vulnerability in zabbix

A verified Zabbix user including guests can cause excessive CPU load on the webserver by sending specially crafted parameters to /imgstore.php, potentially leading to a denial of service...

6.5 CVSS · 5.8 AI score · 0.00102 EPSS
Exploits 0 · References 2
CNNVD
added 2026/03/28 12:0 a.m. · 2 views

elecV2P path traversal vulnerability

elecV2P is a network request modification and scheduled task tool developed by the elecV2 individual developer. Versions of elecV2P 3.8.3 and earlier have a path traversal vulnerability. This vulnerability stems from improper handling of parameters in the path.join function of the file/store/:key...

6.9 CVSS · 6.1 AI score · 0.00019 EPSS
Exploits 0 · References 6
NVD
added 2025/12/01 2:16 p.m. · 3 views

CVE-2025-49643

An authenticated Zabbix user including Guest is able to cause disproportionate CPU load on the webserver by sending specially crafted parameters to /imgstore.php, leading to potential denial of service...

6.5 CVSS · 0.00102 EPSS
Exploits 0 · References 1
OSV
added 2025/12/01 2:16 p.m. · 1 views

CVE-2025-49643

An authenticated Zabbix user including Guest is able to cause disproportionate CPU load on the webserver by sending specially crafted parameters to /imgstore.php, leading to potential denial of service...

6.5 CVSS · 5.8 AI score
Exploits 0 · References 1
RedhatCVE
added 2025/10/20 6:23 p.m. · 3 views

CVE-2025-62647

The Restaurant Brands International RBI assistant platform through 2025-09-06 provides the functionality of returning a JWT that can be used to call an API to return a signed AWS upload URL, for any store's path...

5.8 CVSS · 7 AI score · 0.00055 EPSS
Exploits 1 · References 1
OSV
added 2025/10/17 9:15 p.m. · 1 views

CVE-2025-62647

The Restaurant Brands International RBI assistant platform through 2025-09-06 provides the functionality of returning a JWT that can be used to call an API to return a signed AWS upload URL, for any store's path...

5.8 CVSS · 5.8 AI score
Exploits 0 · References 5
NVD
added 2025/10/17 9:15 p.m. · 2 views

CVE-2025-62647

The Restaurant Brands International RBI assistant platform through 2025-09-06 provides the functionality of returning a JWT that can be used to call an API to return a signed AWS upload URL, for any store's path...

5.8 CVSS · 0.00055 EPSS
Exploits 1 · References 5
Vulnrichment
added 2025/10/17 12:0 a.m. · 2 views

CVE-2025-62647

The Restaurant Brands International RBI assistant platform through 2025-09-06 provides the functionality of returning a JWT that can be used to call an API to return a signed AWS upload URL, for any store's path...

5 CVSS · 6.6 AI score · 0.00055 EPSS
Exploits 1 · References 5
Cvelist
added 2025/10/17 12:0 a.m. · 5 views

CVE-2025-62647

The Restaurant Brands International RBI assistant platform through 2025-09-06 provides the functionality of returning a JWT that can be used to call an API to return a signed AWS upload URL, for any store's path...

5 CVSS · 0.00055 EPSS
Exploits 1 · References 5
EUVD
added 2025/10/17 12:0 a.m. · 1 views

EUVD-2025-34925

The Restaurant Brands International RBI assistant platform through 2025-09-06 provides the functionality of returning a JWT that can be used to call an API to return a signed AWS upload URL, for any store's path...

5.8 CVSS · 6.5 AI score · 0.00055 EPSS
Exploits 1 · References 6
Citrix
added 2024/07/13 12:0 a.m. · 5 views

Error: "Cannot connect to server. Try again in a few minutes" on StoreFront

End-user is unable to add Store into Receiver, unless the full Store path is appended. Example https://SF-FQDN/Citrix/; - Add Store is successful https://SF-FQDN - Add Store fails: After user gets prompted for credentials, an error message appears: "Cannot connect to server. Try again in a few...

7.1 AI score
Exploits 0
OSV
added 2023/06/30 8:15 a.m. · 2 views

CVE-2023-3477

A vulnerability was found in RocketSoft Rocket LMS 1.7. It has been declared as problematic. This vulnerability affects unknown code of the file /contact/store of the component Contact Form. The manipulation of the argument name/subject/message leads to cross site scripting. The attack can be...

6.1 CVSS · 3.8 AI score · 0.00075 EPSS
Exploits 0 · References 2
CNNVD
added 2023/06/30 12:0 a.m. · 1 views

RocketSoft Rocket LMS cross-site scripting vulnerability

RocketSoft Rocket LMS is a full-featured Learning Management System from RocketSoft. A cross-site scripting vulnerability exists in RocketSoft Rocket LMS version 1.7, which stems from the name/subject/message parameter in the file /contact/store that causes cross-site scripting...

6.1 CVSS · 4.2 AI score · 0.00075 EPSS
Exploits 0 · References 3
Positive Technologies
added 2023/03/16 12:0 a.m. · 2 views

PT-2023-21303 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7.106 Description: A SQL injection issue allows a remote attacker to execute arbitrary code via the rank parameter in the "/dede/group store.php" endpoint. Recommendations: For DedeCMS version 5.7.106, consider restricting...

7.2 CVSS · 8.7 AI score · 0.01596 EPSS
Exploits 1 · References 5
OSV
added 2023/01/20 7:15 p.m. · 0 views

CVE-2023-23024

Book Store Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in /bsmsci/index.php/book. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the writer parameter...

6.1 CVSS · 6.5 AI score · 0.00234 EPSS
Exploits 1 · References 1
Citrix
added 2018/12/17 12:0 a.m. · 3 views

Target Device Error: "Store path not found"

Target Device Error: Store path not found...

7.1 AI score
Exploits 0