IceWarp Mail Server 路径遍历漏洞

IceWarp Mail Server is a mail server product from the Czech company IceWarp IceWarp. The product supports email archiving, SmartAttach attachments, automatic migration, and more. A security vulnerability exists in IceWarp Mail Server version v10.4.5, which originates from a Local File Inclusion L...

PT-2023-27075 · Icewarp · Icewarp Mail Server

Name of the Vulnerable Software and Affected Versions: IceWarp Mail Server version 10.4.5 Description: The issue is related to a local file inclusion LFI vulnerability. It affects the /calendar/minimizer/index.php component, allowing attackers to include or execute files from the local file syste...

NewsPicks 信任管理问题漏洞

NewsPicks is an economic news website from the Japanese company NewsPicks. A security vulnerability exists in NewsPicks version 10.4.5 and prior versions that stems from the application's use of hard-coded credentials...

WordPress Contest Gallery plugin <= 10.4.4 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability found by Cryptography Laboratory in WordPress Contest Gallery plugin versions = 10.4.4. Solution Update the WordPress Contest Gallery plugin to the latest available version at least 10.4.5...

WordPress Contest Gallery Plugin Cross-Site Request Forgery Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Contest Gallery plugin is a plugin for uploading and displaying images. A cross-site request forgery vulnerability exists in WordPress...