5 matches found
Contao affected by directory traversal in the file selector widget
Impact: Back end users can list files outside their file mounts or the document root in the FileSelector widget. Patches: Update to Contao 4.13.49. Workarounds: None. References: https://contao.org/en/security-advisories/directory-traversal-in-the-fileselector-widget For more information: If you have...
GHSA-VM6R-J788-HJH5 Contao affected by remote command execution through file upload
Impact: Back end users with access to the file manager can upload malicious files and execute them on the server. Patches: Update to Contao 4.13.49, 5.3.15 or 5.4.3. Workarounds: Configure your web server so it does not execute PHP files and other scripts in the Contao file upload directory...
Contao affected by remote command execution through file upload
Impact: Back end users with access to the file manager can upload malicious files and execute them on the server. Patches: Update to Contao 4.13.49, 5.3.15 or 5.4.3. Workarounds: Configure your web server so it does not execute PHP files and other scripts in the Contao file upload directory...
Reflected Cross-Site Scripting (XSS) in Oveleon Cookiebar
usd-2024-0009 | Reflected XSS in Oveleon Cookiebar Details Advisory ID: usd-2024-0009 Product: Cookiebar Affected Version: 2.X Vulnerability Type: CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' Security Risk: HIGH,...
[SECURITY] [DLA 1615-1] nagios3 security update
Package : nagios3 Version : 3.5.1.dfsg-2+deb8u1 CVE ID : CVE-2013-7108 CVE-2013-7205 CVE-2014-1878 CVE-2016-9566 CVE-2018-18245 Debian Bug : 771466 823721 917138 Several issues were corrected in nagios3, a monitoring and management system for hosts, services and networks. CVE-2018-18245 Maximilia...