MyAAC 跨站脚本漏洞

MyAAC is an OpenTibiaBR open source free and open source Automated Account Creator AAC written in PHP. A cross-site scripting vulnerability exists in MyAAC version 0.8.16 and prior versions, which stems from a cross-site scripting attack in the file system/pages/forum/newpost.php of the component...

CVE-2013-1051

CVE-2013-1051 affects apt versions 0.8.16 and 0.9.7 (and possibly others) through improper handling of InRelease files, enabling man-in-the-middle modification of packages before installation via unknown vectors. The underlying issue relates to repository integrity checks and third‑party reposito...

Design/Logic Flaw

APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import keyrings, relies on GnuPG argument order and does not check GPG subkeys, which might allow remote attackers to install Trojan horse packages via a man-in-the-middle MITM attack...