195539 matches found
WordPress plugin e2pdf 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...
KAMSOFT KS-SOMED 信任管理问题漏洞
KAMSOFT KS-SOMED is a comprehensive healthcare management system developed by the Polish company KAMSOFT. KAMSOFT KS-SOMED has a vulnerability related to trust management. This vulnerability stems from the use of hardcoded credentials, which may allow unauthorized attackers to access the FTP serv...
Red Hat OpenShift Container Platform 安全漏洞
Red Hat OpenShift Container Platform is a platform developed by Red Hat Corporation that helps enterprises develop, deploy, and manage container-based applications across physical, virtual, and public cloud infrastructures. There is a security vulnerability in Red Hat OpenShift Container Platform...
WhatsApp MCP Server 路径遍历漏洞
WhatsApp MCP Server is a WhatsApp messaging search and sending tool developed by Luke Harries. Version 0.0.1 of WhatsApp MCP Server has a path traversal vulnerability. This vulnerability stems from incorrect handling of the mediaPath parameter in the SendAPIEndpoint component’s SendMessageRequest...
SourceCodester Computer Repair Shop Management System SQL注入漏洞
SourceCodester Computer Repair Shop Management System is an open-source computer repair workshop management system developed by SourceCodester. Versions of the SourceCodester Computer Repair Shop Management System prior to version 1.0 contained SQL injection vulnerabilities. These vulnerabilities...
Code-Projects Real State Services SQL注入漏洞
Code-Projects Real State Services is an open-source real estate service developed by Code-Projects. Version 1.0 of Code-Projects Real State Services has a SQL injection vulnerability. This vulnerability stems from incorrect handling of the parameter “Username” in the “login” component’s file...
CodeAstro Online Job Portal SQL注入漏洞
CodeAstro Online Job Portal is an online job portal operated by CodeAstro Corporation. Version 1.0 of CodeAstro Online Job Portal has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter ID in the file/users/applicationstatus.php, which may lead to SQL...
CodeAstro Online Job Portal SQL注入漏洞
CodeAstro Online Job Portal is an online job portal operated by CodeAstro Corporation. Version 1.0 of CodeAstro Online Job Portal has a SQL injection vulnerability. This vulnerability arises from improper handling of the parameter ID in the file admin/jobs-admins/delete-jobs.php, which may lead t...
H3C Magic B0 安全漏洞
H3C Magic B0 is a small wireless router produced by H3C Corporation. The H3C Magic B0 100R002 and earlier versions have security vulnerabilities. These vulnerabilities stem from improper handling of parameters in the function SetMobileAPInfoById within the file/goform/aspForm, which may lead to a...
HP Poly Voice 安全漏洞
HP Poly Voice is a voice communication software developed by the American company Hewlett-Packard HP. There is a security vulnerability in HP Poly Voice, which stems from a buffer overflow issue when administrators enable interactive connection establishment. This vulnerability may lead to remote...
GPAC MP4Box 安全漏洞
GPAC MP4Box is a open-source multimedia packager from GPAC. It is primarily used for processing ISOBMF files such as MP4 and 3GP, but it can also be used for importing/exporting media from container files like AVI, MPG, MKV, and MPEG-2 TS. Versions of GPAC MP4Box prior to 26.02.0 contained a...
GPAC 安全漏洞
GPAC is an open-source multimedia framework developed by GPAC. Versions of GPAC prior to 26.02.0 contained security vulnerabilities; these vulnerabilities stemmed from the use of the dasherprocess function, which allowed reusing of memory after heap deallocation, potentially leading to...
GPAC 安全漏洞
GPAC is an open-source multimedia framework developed by GPAC. Versions of GPAC prior to 26.02.0 contained security vulnerabilities. These vulnerabilities were caused by a null pointer dereferencing in the gfac4presb4backchannelspresent function, which could lead to a denial-of-service attack...
GPAC MP4Box 异常处理不当漏洞
GPAC MP4Box is a multimedia packager. It is primarily used for processing ISOBMF files such as MP4 and 3GP, but it can also be used for importing/exporting media from container files like AVI, MPG, MKV, and MPEG-2 TS. Versions of GPAC MP4Box prior to 26.02.0 contained a security vulnerability...
GPAC 安全漏洞
GPAC is an open-source multimedia framework developed by GPAC. Version 2.4 of GPAC contains a security vulnerability, which stems from a heap buffer overflow in the m2tsdmxsendpacket function. This vulnerability could lead to a denial-of-service attack...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open-source web browser developed by the Mozilla Foundation in the United States. Versions of Mozilla Firefox prior to 151.2 contained security vulnerabilities. These vulnerabilities stemmed from Reader View incorrectly escaping HTML tags in JSON-LD metadata. This could allo...
Mozilla Firefox for iOS 安全漏洞
Mozilla Firefox for iOS is a web browser designed for iOS devices by the Mozilla Foundation in the United States. Versions of Mozilla Firefox for iOS prior to 151.2 contained a security vulnerability. This vulnerability stemmed from Reader View replacing the page content in the HTML template befo...
logback 安全漏洞
Logback is a reliable, versatile, fast, and flexible Java logging framework developed by QOS.CH. Versions of Logback prior to 1.5.33 contain security vulnerabilities, which stem from the deserialization of untrusted data. This can lead to object injection, even though strict restrictions are in...
itsourcecode Content Management System SQL注入漏洞
itsourcecode Content Management System is an open-source content management system developed by itsourcecode. Version 1.0 of the itsourcecode Content Management System has a SQL injection vulnerability. This vulnerability stems from improper handling of the topicid parameter in the file...
SourceCodester Pharmacy Sales and Inventory System 访问控制错误漏洞
SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a vulnerability related to access control. This vulnerability stems fro...
itsourcecode Online House Rental System SQL注入漏洞
itsourcecode Online House Rental System is an open-source online housing rental system developed by itsourcecode. Version 1.0 of the itsourcecode Online House Rental System has a SQL injection vulnerability. This vulnerability arises from improper handling of parameter IDs in the...
TRAC PDBM 安全漏洞
TRAC PDBM is an industrial automation process database management software developed by the Slovenian company TRAC. TRAC PDBM has a security vulnerability that stems from the use of static, hard-coded keys. This vulnerability could allow attackers to decrypt credentials stored in configuration...
itsourcecode Online Blood Bank Management System SQL注入漏洞
itsourcecode Online Blood Bank Management System is an open-source online blood bank management system developed by itsourcecode. Version 1.0 of the system has a SQL injection vulnerability, which stems from improper handling of the parameter ID in the file/admin/viewrequest.php, potentially...
SourceCodester Pharmacy Sales and Inventory System 代码注入漏洞
SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a code injection vulnerability. This vulnerability arises from improper...
SourceCodester Pharmacy Sales and Inventory System 安全漏洞
SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Versions of the SourceCodester Pharmacy Sales and Inventory System prior to version 1.0 contained security vulnerabilities. These vulnerabilities were...
SourceCodester Pharmacy Sales and Inventory System 代码注入漏洞
SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a code injection vulnerability. This vulnerability arises from improper...
SourceCodester Pharmacy Sales and Inventory System 代码注入漏洞
SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a code injection vulnerability. This vulnerability stems from improper...
SourceCodester Pharmacy Sales and Inventory System 代码注入漏洞
SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a code injection vulnerability. This vulnerability stems from improper...
Apache Fluss 安全漏洞
Apache Fluss is a streaming storage system developed by the Apache Foundation in the United States. Versions 0.8.0 and 0.9.0 of Apache Fluss contain security vulnerabilities. These vulnerabilities stem from the use of Integer.MAXVALUE as the maximum frame length in the Netty...
Apache Airflow 信息泄露漏洞
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the use of...
Apache ActiveMQ 安全漏洞
Apache ActiveMQ is an open-source messaging middleware developed by the Apache Foundation in the United States. It supports Java Message Service, clustering, Spring Framework, etc. There is a security vulnerability in Apache ActiveMQ. This vulnerability arises when the network connector...
Apache Airflow 信任管理问题漏洞
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained a trust management vulnerability. This vulnerability stemmed from the...
Apache ActiveMQ 权限许可和访问控制问题漏洞
Apache ActiveMQ is an open-source messaging middleware developed by the Apache Foundation in the United States. It supports Java Message Service, clustering, Spring Framework, etc. There is a security vulnerability in Apache ActiveMQ, which stems from improper default Jolokia authorization...
Apache MINA SSHD 安全漏洞
Apache MINA SSHD is a pure Java library from the Apache Foundation that supports the SSH protocol on both the client and server sides. Apache MINA SSHD has a security vulnerability caused by path traversal, which may allow authenticated users to access git repositories outside of the configured g...
Apache Airflow 安全漏洞
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained security vulnerabilities. These vulnerabilities stemmed from a lack of checks...
Apache ActiveMQ 安全漏洞
Apache ActiveMQ is an open-source messaging middleware developed by the Apache Foundation in the United States. It supports Java Message Service, clustering, Spring Framework, etc. There is a security vulnerability in Apache ActiveMQ, which stems from incomplete authorization. This vulnerability...
Apache Airflow 安全漏洞
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the use of...
Apache Airflow 安全漏洞
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the...
Apache Solr 安全漏洞
Apache Solr is a search server based on Lucene, developed by the Apache Foundation in the United States. This product supports faceted searching, vertical searching, and highlighting search results. Vulnerabilities exist in Apache Solr versions 9.4.0 through 9.10.1, as well as 10.0.0, due to...
Apache Airflow 信息泄露漏洞
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. Prior to Apache Airflow 3.2.2, there were security...
Apache Airflow 安全漏洞
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the XCom PATCH...
Apache Airflow 信息泄露漏洞
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained a security vulnerability known as information leakage. This vulnerability...
Apache Airflow 安全漏洞
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. However, Apache Airflow has security vulnerabilities. The...
Apache Airflow 安全漏洞
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. However, Apache Airflow has security vulnerabilities. One...
Apache Airflow 安全漏洞
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. However, Apache Airflow has security vulnerabilities. The...
Apache Airflow 安全漏洞
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. There is a security vulnerability in Apache Airflow. The...
SOPlanning 代码问题漏洞
SOPlanning is a set of online project management software developed by SOPlanning Company. Versions of SOPlanning 1.55 and earlier had code vulnerabilities. These vulnerabilities stemmed from an unvalidated validation of file extensions during upload. This allowed authenticated attackers to uploa...
SOPlanning 跨站请求伪造漏洞
SOPlanning is a set of online project management software developed by SOPlanning Company. Versions of SOPlanning 1.55 and earlier had a cross-site request forgeing vulnerability. This vulnerability stemmed from the susceptibility of the create, modify, and delete endpoints of groupesave to...
SOPlanning 路径遍历漏洞
SOPlanning is a set of online project management software developed by SOPlanning Company. Versions of SOPlanning 1.55 and earlier contained a path traversal vulnerability. This vulnerability stemmed from the backup endpoints being susceptible to path traversal attacks, allowing authenticated...
SOPlanning 跨站脚本漏洞
SOPlanning is a set of online project management software developed by SOPlanning Company. Versions of SOPlanning 1.55 and earlier had a cross-site scripting vulnerability. This vulnerability stemmed from the taches parameter, which was vulnerable to reflection-type cross-site scripting attacks...