5 matches found
CVE-2026-58652 luci-app-travelmate - Arbitrary Command Execution via UCI Script Parameter
luci-app-travelmate and the travelmate package contain a privilege-escalation flaw: a LuCI/rpcd session holding the luci-app-travelmate write ACL is granted config-wide UCI write access to the travelmate configuration. While the LuCI UI restricts the auto-login script picker to...
BIT-JOOMLA-2020-35616 [20201107] - Core - Write ACL violation in multiple core views
An issue was discovered in Joomla! 1.7.0 through 3.9.22. Lack of input validation while handling ACL rulesets can cause write ACL violations...
CVE-2020-35616
An issue was discovered in Joomla! 1.7.0 through 3.9.22. Lack of input validation while handling ACL rulesets can cause write ACL violations...
Input validation
An issue was discovered in Joomla! 1.7.0 through 3.9.22. Lack of input validation while handling ACL rulesets can cause write ACL violations...
CVE-2020-35616
Joomla! versions 1.7.0 through 3.9.22 are affected by an ACL write-violation vulnerability due to insufficient input validation when processing ACL rulesets. The issue can lead to write ACL violations in multiple core views, with the security entries indicating a high integrity impact (CVE-2020-3...