Mastodon security vulnerabilities
Mastodon is an open-source social networking server based on ActivityPub. Versions of Mastodon prior to v4.5.5, v4.4.12, and v4.3.18 contained security vulnerabilities. These vulnerabilities stemmed from insecure direct object references in the web push subscription update endpoint, which could...
CVE-2024-28265
IBOS v4.5.5 has an arbitrary file deletion vulnerability via \system\modules\dashboard\controllers\LoginController.php...
CVE-2024-28265
CVE-2024-28265 affects IBOS v4.5.5, which has an arbitrary file deletion vulnerability in the file system/modules/dashboard/controllers/LoginController.php. The CVE entry assigns a CVSS v3.1 base score of 9.1 (CRITICAL) with network attack vector, no authentication, high impact to integrity and a...
CVE-2023-49490
XunRuiCMS v4.5.5 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the component /admin.php...
CVE-2023-38942
Dango-Translator v4.5.5 was discovered to contain a remote command execution (RCE) vulnerability via the component app/config/cloudconfig.json...