Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2023-40049

In WS_FTP Server version 8.8.0 prior to 8.8.2, an unauthenticated user could enumerate files under the ‘WebServiceHost’ directory listing. Zafiyet ile ilgili Genel Bilgi, Etki…

Devamını oku

CVE-2023-40048

In WS_FTP Server version 8.8.0 prior to 8.8.2, the WS_FTP Server Manager interface was missing cross-site request forgery (CSRF) protection on a POST transaction corresponding to…

Devamını oku

CVE-2023-40047

In WS_FTP Server version 8.8.0 prior to 8.8.2, a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server’s Management module. An attacker with administrative privileges…

Devamını oku

CVE-2023-40044

In WS_FTP Server version 8.7.0 prior to 8.7.4 and version 8.8.0 prior to 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad…

Devamını oku

CVE-2023-40045

In WS_FTP Server version 8.7.0 prior to 8.7.4 and version 8.8.0 prior to 8.8.2, a reflected cross-site scripting (XSS) vulnerability exists in WS_FTP Server’s Ad Hoc…

Devamını oku

CVE-2023-3223

A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to…

Devamını oku

CVE-2023-3767

An OS command injection vulnerability has been found on EasyPHP Webserver affecting version 14.1. This vulnerability could allow an attacker to get full access to…

Devamını oku

CVE-2023-39377

SiberianCMS – CWE-434: Unrestricted Upload of File with Dangerous Type – A malicious user with administrative privileges may be able to upload a dangerous filetype…

Devamını oku

CVE-2023-39378

SiberianCMS – CWE-89: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) by an unauthenticated user Zafiyet ile ilgili Genel Bilgi, Etki…

Devamını oku