3 matches found
hestiacp 操作系统命令注入漏洞
hestiacp is a lightweight and powerful control panel for the modern web. An operating system command injection vulnerability exists in hestiacp versions prior to 1.6.5, which stems from the ability to inject arbitrary commands when installing DokuWiki...
GHSA-4QQF-HMV6-R6WH Use of a Broken or Risky Cryptographic Algorithm in Apache WSS4J
The implementations of PKCS1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack...
phpRechnung SQL Injection Vulnerability
phpRechnung is a web-based accounting software. A SQL injection vulnerability exists in the list.php script in versions prior to phpRechnung 1.6.5. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...