A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a…
Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST http method allows a remote authenticated attacker to inject arbitrary commands as a…
A relative path traversal vulnerability in the SMA100 upload funtion allows a remote unauthenticated attacker to upload crafted web pages or files as a 'nobody'…
The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions…
The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions…
74CMS v6.0.4 was discovered to contain a cross-site scripting (XSS) vulnerability via /index.php?m=&c=help&a=help_list&key. Devamını Oku
DouPHP v1.6 was discovered to contain a cross-site scripting (XSS) vulnerability via /admin/cloud.php. Devamını Oku
74CMS v6.0.4 was discovered to contain a cross-site scripting (XSS) vulnerability via /index.php?m=&c=help&a=help_list&key. Devamını Oku
The devise_masquerade gem before 1.3 allows certain attacks when a password's salt is unknown. An application that uses this gem to let administrators masquerade/impersonate users…