3 matches found
ChurchCRM 授权问题漏洞
ChurchCRM is an open-source CRM system developed for churches. Versions 7.2.0 to 7.2.2 of ChurchCRM have vulnerabilities related to authorization. These vulnerabilities stem from incomplete fixes to the CVE-2026-4058 vulnerability, which may allow attackers to exploit the PoC Proof of Concept...
BIT-VALKEY-2026-23479 redis-server use-after-free in unblock client flow may allow remote code execution
Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can trigger...
PT-2024-1070 · Fortinet · Fortiportal
Name of the Vulnerable Software and Affected Versions: Fortinet FortiPortal versions 7.0.0 through 7.0.6 Fortinet FortiPortal versions 7.2.0 through 7.2.1 Description: The issue is related to improper access control in Fortinet FortiPortal, which can be exploited by an attacker to escalate...