Contao 3.x before 3.5.32 allows XSS via the unsubscribe module in the frontend newsletter extension. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

Composer before 2016-02-10 allows cache poisoning from other projects built on the same host. This results in attacker-controlled code entering a server-side build process. The…

webViewAction in Yii (aka Yii2) 2.x before 2.0.5 allows attackers to execute any local .php file via a relative path in the view parameeter. Zafiyet…