IlchCMS 2.1.37 Cross Site Scripting

A cross site scripting vulnerability exists in IlchCMS version 2.1.37. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...

CVE-2023-38257

Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to an insecure direct object reference vulnerability that could allow an unauthenticated user to view profile information, including user login names and encrypted passwords...

Design/Logic Flaw

Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to an insecure direct object reference vulnerability that could allow an unauthenticated user to view profile information, including user login names and encrypted passwords...

Remote code execution

Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a remote code execution vulnerability that could allow an unauthenticated user to upload a malicious payload and execute it...

Design/Logic Flaw

Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that could allow an unauthenticated user to decrypt encrypted passwords into plaintext...

Iagona ScrutisWeb 信任管理问题漏洞

Iagona ScrutisWeb is a security solution from the French company Iagona. A security vulnerability exists in Iagona ScrutisWeb version 2.1.37 and earlier versions. An attacker exploited the vulnerability to decrypt encrypted passwords into plaintext...

Studio 42 elFinder on Windows Arbitrary File Deletion Vulnerability

Studio 42 elFinder on Windows is a Windows-based platform using jQuery and jQuery UI and written in JavaScript open source Web file manager . A security vulnerability exists in the 'zipdl' function of the elFinder.class.php file in versions of Studio 42 elFinder prior to 2.1.37 for Windows-based...