CVE-2026-26222

The CVE-2026-26222 entry concerns Altec DocLink (now Beyond Limits Inc.) 4.0.336.0, where insecure .NET Remoting endpoints exposed over TCP and HTTP/SOAP via ObjectURI “doclinkServer.soap” allow unauthenticated access. The vulnerability arises from unsafe object unmarshalling, enabling remote att...

CA eTrust Security Command Center and eTrust Audit 存在多个漏洞

CA eTrust Security Command Center eSCC和eTrust Audit是CA产品安全命令执行和审核程序。 CA eTrust Security Command Center eSCC和eTrust Audit存在多个安全问题，远程攻击者可以利用漏洞获得敏感信息，执行任意文件删除或者重播攻击。 第一个问题是允许攻击者发现在windows平台上的web服务器路径信息，此漏洞影响eTrust Security Command Center Server 1.0, r8, r8 SP1 CR1, 和r8 SP1 CR2版本。...

Vulnerability: McGallery v 1.1 files reading on disk

Vendor: Phpforum, http://www.phpforums.net/ Product: McGallery v 1.1 Vulnerability: files reading on disk Consequences: Web server paths are opened Risk: High Description: Attacker can form the query in URL form ang get the access to the system files Example:...

Vulnerability: Bitrix Web Server Paths

Vendor: Bitrix Product:Bitrix Site Manager 4.0.x Consequences: Web server paths Risk: Minimal Description: during executions of http://host/bitrix/templates/.default/subscribe/subscrform.php http://host /bitrix/phpinterface/dbqueryerror.php there got an erros which is causing web server internal...

Vulnerability: McGallery v 1.1 Mysql DB including

Vendor: Phpforum, http://www.phpforums.net/ Product: McGallery v 1.1 Vulnerability: mysql including Consequences: Web server paths Risk: Low Description: Unfiltered $host variable. Allows attacker to connect to fake DB and make select from it. http://example.com/mcgallery/show.php?host=attackhost...