8 matches found
WordPress plugin Flex Store Users Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerabili...
WordPress plugin Tiger Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerabili...
WordPress plugin FindAll Listing Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerabili...
IIT Bombay Bodhitree Code Injection Vulnerability
IIT Bombay Bodhitree is an online learning platform. A security vulnerability exists in IIT Bombay Bodhitree version cs101, which stems from incorrect input validation and a lack of restrictions on user processes, with malicious code injection, which could lead to Remote Code Execution (RCE), syste...
Bytebase Access Control Error Vulnerability
Bytebase is an open source web-based, zero-configuration, dependency-free database schema change and version control management tool for DevOps teams. Bytebase versions 0.1.0 through 1.0.4 are vulnerable to an access control error that stems from unrestricted low privilege user access, which can b...
GitLab Information Disclosure Vulnerability
GitLab is a self-hosted, Git version control system project repository application developed in Ruby on Rails by GitLab, Inc. GitLab is vulnerable to an information disclosure vulnerability caused by an unrestricted instance of the application's "/user.keys" route that disables public visibility...
Comments from restricted blog post visible for unrestricted user
h5. Summary All comments made before the post restriction changed to "Viewing and editing restricted" will be available to all users in all updates. This is only happening for blog posts, and page restrictions are working as expected. Tested in version 5.9.1 (customer's version) and 6.1.3, same behaviour c...
F5 BIG-IP Application Security Manager (ASM) XSS
Edit: Corrected the date in the timeline from 01/12/14 to 01/12/15. Details ======= Product: F5 BIG-IP Application Security Manager (ASM) Vulnerability: Cross Site Scripting Author: Peter Lapp, [email protected] CVE: None assigned Vulnerable Versions: Confirmed 11.4.0, 11.4.1. Likely 11.4.x-11.5.x...