5 matches found
EUVD-2020-2189
Malware in sbrugna...
GHSA-J7FX-V37J-V3W7 Craft CMS Vulnerable to Server-Side Template Injection
Craft CMS through 3.0.34 allows remote authenticated administrators to read sensitive information via server-side template injection, as demonstrated by a % string for craft.app.config.DB.user and craft.app.config.DB.password in the URI Format of the Site Settings, which causes a cleartext userna...
CVE-2018-20465
Craft CMS through 3.0.34 allows remote authenticated administrators to read sensitive information via server-side template injection, as demonstrated by a % string for craft.app.config.DB.user and craft.app.config.DB.password in the URI Format of the Site Settings, which causes a cleartext userna...
Inkscape恶意URI格式串漏洞
Inkscape是一个开放原始码的向量绘图软件。 Inkscape处理恶意URI存在格式串问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 目前没有详细漏洞细节提供。 Ubuntu Ubuntu Linux 5.10 sparc Ubuntu Ubuntu Linux 5.10 powerpc Ubuntu Ubuntu Linux 5.10 i386 Ubuntu Ubuntu Linux 5.10 amd64 Ubuntu Ubuntu Linux 6.10 sparc Ubuntu Ubuntu Linux 6.10 powerpc Ubuntu Ubuntu Linu...
Lynx < 2.8.5 dev 6 Syslog URI Format String
Binary data 1737.prm...