97 matches found
SUSE CVE-2025-24389
Certain errors of the upstream libraries will insert sensitive information in the OTRS or OTRS Community Edition log mechanism and mails send to the system administrator. This issue affects: OTRS 7.0.X OTRS 8.0.X OTRS 2023.X OTRS 2024.X OTRS Community Edition: 6.0.x Products based on the OTRS...
Synnefo Internet Management Software 安全漏洞
Synnefo Internet Management Software SynnefoIMS is an Internet management software from Synnefo, Inc. A security vulnerability exists in Synnefo Internet Management Software version 2023 and prior releases that stems from the presence of a SQL injection vulnerability...
PT-2025-3958 · Zzcms · Zzcms
Name of the Vulnerable Software and Affected Versions: ZZCMS version 2023 Description: A critical issue has been found in the software, specifically a SQL injection flaw. This issue is related to the manipulation of the id argument in the "/index.php" file, allowing for remote attacks. The exploi...
PT-2024-35419 · Zzcms · Zzcms
Name of the Vulnerable Software and Affected Versions: ZZCMS version 2023 Description: A SQL injection issue was discovered in the /q/show.php endpoint. This issue allows for potential SQL injection attacks. Recommendations: For ZZCMS version 2023, consider restricting access to the /q/show.php...
ZZCMS 安全漏洞
ZZCMS is a content management system CMS by the ZZCMS team in China. A security vulnerability exists in ZZCMS version 2023, which stems from an SQL injection vulnerability contained in /q/show.php...
PT-2024-39386 · Unknown · Easy Tax Client
Name of the Vulnerable Software and Affected Versions: Easy Tax Client Software 2023 versions 1.2 and earlier Description: A XML External Entity XXE vulnerability has been identified in Easy Tax Client Software across multiple platforms, including Windows, Linux, and macOS. Recommendations: For...
ZZCMS 注入漏洞
ZZCMS is a content management system CMS by the ZZCMS team in China. An injection vulnerability exists in ZZCMS version 2023, which originates from the parameter keyword in the file /admin/adlist.php?action=pass that can cause SQL injection...
PT-2024-16852 · Zzcms · Zzcms
Name of the Vulnerable Software and Affected Versions: ZZCMS version 2023 Description: A critical issue affects some unknown functionality of the file /admin/ad list.php?action=pass of the component Keyword Filtering. The manipulation of the keyword argument leads to SQL injection. The attack may...
ZZCMS 信息泄露漏洞
ZZCMS is a content management system CMS by the ZZCMS team in China. An information disclosure vulnerability exists in ZZCMS version 2023, which originates from operations on file 3/qq-connect2.0/API/com/inc.php that can lead to information disclosure...
PT-2024-16166 · Zzcms · Zzcms
Name of the Vulnerable Software and Affected Versions: ZZCMS version 2023 Description: A critical issue has been found, affecting the function Ebak SetGotoPak of the file 3/Ebbak5.1/upload/class/functions.php. The manipulation of the argument file leads to unrestricted upload. It is possible to...
ZZCMS SQL注入漏洞
ZZCMS is a content management system CMS by the ZZCMS team in China. A SQL injection vulnerability exists in ZZCMS version 2023, which originates from the lack of validation of the parameter phome in file 3/Ebak5.1/upload/phome.php for external SQL statements, which can be exploited by an attacke...
ZZCMS 安全漏洞
ZZCMS is a content management system CMS from the ZZCMS team in China. A security vulnerability exists in ZZCMS version 2023, which stems from the checkyzm function failing to properly refresh the CAPTCHA value after a failed validation attempt...
UBUNTU-CVE-2024-43442
Improper Neutralization of Input done by an attacker with admin privileges 'Cross-site Scripting' in OTRS System Configuration modules and OTRS Community Edition allows Cross-Site Scripting XSS within the System Configuration targeting other admins. This issue affects: OTRS from 7.0.X through...
PT-2024-38693 · Zzcms · Zzcms
Name of the Vulnerable Software and Affected Versions: ZZCMS version 2023 Description: A critical vulnerability was found in ZZCMS, affecting an unknown functionality of the file "/admin/class.php?dowhat=modifyclass". The manipulation of the argument skin leads to path traversal. The attack can b...
ZZCMS 安全漏洞
ZZCMS is a content management system CMS by the ZZCMS team in China. A security vulnerability exists in ZZCMS version 2023, which originates from the parameter phome in file 3/Ebak5.1/upload/eginfo.php that can lead to information leakage...
ZZCMS 路径遍历漏洞
ZZCMS is a content management system CMS by the ZZCMS team in China. A path traversal vulnerability exists in ZZCMS version 2023, which stems from the parameter skin in the file /admin/aboutedit.php?action=modify that causes path traversal. No details of the vulnerability are provided at this tim...
PT-2024-38692 · Zzcms · Zzcms
Name of the Vulnerable Software and Affected Versions: ZZCMS version 2023 Description: A critical vulnerability has been found in ZZCMS. The issue affects an unknown function of the file /admin/about edit.php?action=modify. The manipulation of the skin argument leads to path traversal. It is...
ZZCMS 路径遍历漏洞
ZZCMS is a content management system CMS by the ZZCMS team in China. A path traversal vulnerability exists in ZZCMS version 2023, which stems from the parameter skin in the file /admin/class.php?dowhat=modifyclass that causes path traversal. No details of the vulnerability are provided at this ti...
ZZCMS 安全漏洞
ZZCMS is a content management system CMS by the ZZCMS team in China. A cross-site scripting vulnerability exists in ZZCMS v2023 and earlier versions, which stems from incorrect HTTPREFERER header handling, and can be exploited by an attacker to execute malicious scripts via specially crafted URLs...
ZZCMS 安全漏洞
ZZCMS is a content management system CMS by the ZZCMS team in China. A security vulnerability exists in ZZCMS version v2023, which stems from vulnerability to reflective cross-site scripting attacks, where an attacker can execute arbitrary code in a user's browser environment by injecting a...