Lucene search
K

6 matches found

CNNVD
CNNVD
added 2025/12/11 12:0 a.m.8 views

altera Quartus Prime Pro Edition Design Software 安全漏洞

The altera Quartus Prime Pro Edition Design Software is an FPGA design and development software suite from altera, USA. A security vulnerability exists in altera Quartus Prime Pro Edition Design Software that originates from not checking target installation directory permissions...

6.7CVSS6.8AI score0.0008EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/12 12:0 a.m.3 views

Liferay Portal和Liferay DXP 安全漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

5.3CVSS6.4AI score0.00244EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 6:2 a.m.5 views

CVE-2023-28435

Dataease is an open source data visualization and analysis tool. The permissions for the file upload interface is not checked so users who are not logged in can upload directly to the background. The file type also goes unchecked, users could upload any type of file. These vulnerabilities has bee...

6.5CVSS7AI score0.00465EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/05/29 12:0 a.m.2 views

JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. JetBrains TeamCity suffers from a permissions issu...

8.1CVSS7AI score0.0033EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2024/02/07 6:25 p.m.28 views

Pimcore Admin Classic Bundle permissions are not getting checked when working with tags

Impact You can create, delete etc. tags without having the permission to do so. This vulnerability allows an attacker to perform broken access control and add tags to admin panel and add dumy data. One can do this as intruder and add text parameters with random numbers and this will effect...

9.1CVSS7AI score0.00544EPSS
Exploits0References5Affected Software1
seebug.org
seebug.org
added 2013/05/30 12:0 a.m.15 views

eshop后台大面积sql注入

简要描述: 自从某数字公司悬赏后,数字公司没火,乌云上对ec的漏洞频繁爆出。。不知是什么一个情况?虽然后台漏洞大多数没钱。但是本着审核代码的原则。还是提一下把混点rank也好。现在rank是111 不吉利啊 详细说明: 后台大规模的存在 order by 注入 搜索了一下 $REQUEST'sortby' 或者$REQUEST'sortorder' 大约涉及到30多个文件。。。 我的天。30多处!!ec的开发人员都是copy代码的吗?? 说代码把 拿一处来讲把 这里没有检查权限 admin\ads.php 行36 if $REQUEST'act' == 'list' $pid =...

7.1AI score
Exploits0
Rows per page
Query Builder