[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255227

 
 

909

 
 

198741

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 253462 Download | Alert*

idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Traversal, resulting in execution of arbitrary PHP code from a ZIP file.

ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data.

In IceWarp Server 12.0.3.1 and before, there is XSS in the /webmail/ username field.

There is XSS in GetSimple CMS 3.4.0.9 via the admin/edit.php title field.

There is Stored XSS in Subrion 4.2.1 via the admin panel URL configuration.

In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c.

IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in onsrvapd. IBM X-Force ID: 144434.

Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element.

admin.php?s=/Admin/doedit in DamiCMS v6.0.0 allows CSRF to change the administrator account's password.

An issue was discovered in iCMS 7.0.9. There is an admincp.php?app=article&do=update CSRF vulnerability.


Pages:      Start    11449    11450    11451    11452    11453    11454    11455    11456    11457    11458    11459    11460    11461    11462    ..   25346

© SecPod Technologies