66 matches found
CVE-2026-5161
CVE-2026-5161 is an improper link resolution before file access vulnerability in Pardus About, enabling a Symlink Attack. Affected software: Pardus About prior to version 1.2.1. Root cause: improper link following allows unauthorized file access by traversing symlinks. Impact per CVSS metrics (AV...
container-tools:rhel8 security update
slirp4netns 1.2.3-1 - update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.3 - Related: Jira:RHEL-2110 1.2.2-1 - update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.2 - Related: Jira:RHEL-2110 1.2.1-1 - update to...
EUVD-2024-54392
Malicious code in bioql PyPI...
EUVD-2022-2171
Malicious code in bioql PyPI...
EUVD-2022-24391
Malicious code in bioql PyPI...
uptrace pgdriver security vulnerability
uptrace pgdriver is an extension library for Golang from uptrace Moldova. A security vulnerability exists in uptrace pgdriver version v1.2.1, which stems from an unvalidated appendArg function in the /pgdriver/format.go file, which could lead to an SQL injection attack...
CVE-2024-46494
A cross-site scripting (XSS) vulnerability in Typecho v1.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under a comment for an Article...
CVE-2024-32166
Webid v1.2.1 suffers from an Insecure Direct Object Reference (IDOR) - Broken Access Control vulnerability, allowing attackers to buy now an auction that is suspended (horizontal privilege escalation)...
CVE-2023-49967
Typecho v1.2.1 was discovered to be vulnerable to an XML Quadratic Blowup attack via the component /index.php/action/xmlrpc...
Request-Baskets 1.2.1 Server-Side Request Forgery
Exploit Title: Request-Baskets v1.2.1 - Server-side request forgery (SSRF); Exploit Author: Iyaad Luqman K init6; Application: Request-Baskets v1.2.1; Tested on: Ubuntu 22.04; CVE: CVE-2023-27163; PoC !/bin/bash if "$" -lt 2 || "$1" = "-h" || "$1" = "--help" ; then help="Usage: exploit.sh \n\n";...
Exploit for Server-Side Request Forgery in Rbaskets Request_Baskets
Automatic Exploit Summary The following exploit abuses...
Unrestricted file upload
A File Upload vulnerability in typecho v.1.2.1 allows a remote attacker to execute arbitrary code via the upload and options-general parameters in index.php...
CVE-2023-36299
A File Upload vulnerability in typecho v.1.2.1 allows a remote attacker to execute arbitrary code via the upload and options-general parameters in index.php...
CVE-2023-36243
FLVMeta v1.2.1 was discovered to contain a buffer overflow via the xmlonmetadatatagonly function at dumpxml.c...