Fortinet FortiSandbox 路径遍历漏洞

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection device developed by the American company Fortinet. This device offers features such as dual sandbox technology, dynamic threat intelligence systems, a real-time control panel, and reporting capabilities. Fortinet FortiSandbox h...

CVE-2025-61923 PrestaShop Checkout Backoffice directory traversal allows arbitrary file disclosure

PrestaShop Checkout is the PrestaShop official payment module in partnership with PayPal. In versions prior to 4.4.1 and 5.0.5, the backoffice is missing validation on input resulting in a directory traversal and arbitrary file disclosure. The vulnerability is fixed in versions 4.4.1 and 5.0.5. N...

CVE-2025-61922 PrestaShop Checkout allows customer account takeover via email

PrestaShop Checkout is the PrestaShop official payment module in partnership with PayPal. Starting in version 1.3.0 and prior to versions 4.4.1 and 5.0.5, missing validation on the Express Checkout feature allows silent login, enabling account takeover via email. The vulnerability is fixed in...

PT-2025-42516

Name of the Vulnerable Software and Affected Versions PrestaShop Checkout versions prior to 4.4.1 and 5.0.5 Description A flaw exists in the PrestaShop Checkout module due to incorrect use of the PHP array search function. This improper usage allows bypassing validation, potentially leading to th...

PrestaShop Checkout 授权问题漏洞

PrestaShop Checkout is an open source checkout payment module from PrestaShopCorp. An authorization issue vulnerability exists in PrestaShop Checkout versions prior to 4.4.1 and prior to 5.0.5, which stems from a lack of authentication in the Express Checkout feature that could lead to an account...

PrestaShop Checkout 路径遍历漏洞

PrestaShop Checkout is an open source checkout payment module from PrestaShopCorp. A path traversal vulnerability exists in PrestaShop Checkout versions prior to 4.4.1 and prior to 5.0.5, which stems from a lack of input validation in the backend, and could lead to directory traversal and arbitra...

CVE-2024-23504

Missing Authorization vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a through 5.0.5...

CVE-2023-45859

In Hazelcast through 4.1.10, 4.2 through 4.2.8, 5.0 through 5.0.5, 5.1 through 5.1.7, 5.2 through 5.2.4, and 5.3 through 5.3.2, some client operations don't check permissions properly, allowing authenticated users to access data stored in the cluster...

ALPINE-CVE-2020-7774

The package y18n before 3.2.2, 4.0.1 and 5.0.5, is vulnerable to Prototype Pollution...

Yargs Y18n Input Validation Error Vulnerability

Yargs Y18n is an I18n-like codebase written in Js by the individual developers of Yargs. An input validation error vulnerability exists in Yargs Y18n before versions 3.2.2, 4.0.1 and 5.0.5, which arises from a networked system or product that does not properly validate input data...