github.com/ecies/go vulnerable to possible private key restoration

Impact If functions Encapsulate, Decapsulate and ECDH could be called by an attacker, he could recover any private key that he interacts with. Patches Patched in v2.0.8 Workarounds You could manually check public key by calling IsOnCurve function from secp256k1 libraries. References...

Liufee CMS File Upload vulnerability

File Upload vulnerability in Liufee CMS, AKA Feehicms v.2.0.8 allows a remote attacker to execute arbitrary code via the /admin/index.php?r=admin-user%2Fupdate-self component...

Remote code execution

flatCore-CMS v2.0.8 has a code execution vulnerability, which could let a remote malicious user execute arbitrary PHP code...

CVE-2021-41402

The CVE-2021-41402 entry maps to the same issue across multiple sources: flatCore-CMS v2.0.8 contains a code execution vulnerability. CNNVD details indicate the root cause is a lack of data filtering and escaping in specific cache-related PHP scripts (/content/cache/active_urls.php and /content/c...

CVE-2021-41402

flatCore-CMS v2.0.8 has a code execution vulnerability, which could let a remote malicious user execute arbitrary PHP code...

CVE-2021-41403

flatCore-CMS version 2.0.8 calls dangerous functions, causing server-side request forgery vulnerabilities...

WiFi File Browser Pro v2.0.8 - Code Execution Vulnerability

Document Title: =============== WiFi File Browser Pro v2.0.8 - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1406 Release Date: ============= 2015-01-14 Vulnerability Laboratory ID VL-ID: ===================================...