7 matches found
EUVD-2020-16505
Malware in sbrugna...
CVE-2020-23765
A file upload vulnerability was discovered in the file path /bl-plugins/backup/plugin.php on Bludit version 3.12.0. If an attacker is able to gain Administrator rights they will be able to use unsafe plugins to upload a backup file and control the server...
Unsafe plugins can be installed via pack import by tenant admins
Summary Unsafe plugins for instance sql-list can be installed in subdomain tenants via pack import even if unsafe plugin installation for tenants is disables Details I have an example https://bot20230704.saltcorn.com/view/allplugins It's publicly accessible but has not so secure values except lis...
GHSA-WXF3-4FVJ-VQQX Unsafe plugins can be installed via pack import by tenant admins
Summary Unsafe plugins for instance sql-list can be installed in subdomain tenants via pack import even if unsafe plugin installation for tenants is disables Details I have an example https://bot20230704.saltcorn.com/view/allplugins It's publicly accessible but has not so secure values except lis...
CVE-2020-23765
A file upload vulnerability was discovered in the file path /bl-plugins/backup/plugin.php on Bludit version 3.12.0. If an attacker is able to gain Administrator rights they will be able to use unsafe plugins to upload a backup file and control the server...
CVE-2020-23765
A file upload vulnerability was discovered in the file path /bl-plugins/backup/plugin.php on Bludit version 3.12.0. If an attacker is able to gain Administrator rights they will be able to use unsafe plugins to upload a backup file and control the server...
CVE-2020-23765
A file upload vulnerability was discovered in the file path /bl-plugins/backup/plugin.php on Bludit version 3.12.0. If an attacker is able to gain Administrator rights they will be able to use unsafe plugins to upload a backup file and control the server...