JBoss BPM Suite 6 is vulnerable to a reflected XSS via dashbuilder. Remote attackers can entice authenticated users that have privileges to access dashbuilder (usually admins) to click on links to /dashbuilder/Controller containing malicious...
A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even...
A code injection flaw was found in the way capacity and utilization imported control files are processed. A remote, authenticated attacker with access to the capacity and utilization feature could use this flaw to...
It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba...
A permissions flaw was found in redis, which sets weak permissions on certain files and directories that could potentially contain sensitive information. A local, unprivileged user could possibly use this flaw to access unauthorized...
MiniCMS 1.10 allows execution of arbitrary PHP code via the install.php sitename parameter, which affects the site_name field in mc_conf.php. Date published : 2018-10-31 https://github.com/AvaterXXX/MiniCms/blob/master/Command%20Execution.md https://www.patec.cn/newsshow.php?cid=24&id=135
MiniCMS 1.10 allows file deletion via /mc-admin/post.php?state=delete&delete= because the authentication check occurs too late. Date published : 2018-10-31 https://github.com/AvaterXXX/MiniCms/blob/master/Authentication%20and%20Information%20Exposure.md#authentication-vulnerability https://www.patec.cn/newsshow.php?cid=24&id=135
MiniCMS 1.10 allows full path disclosure via /mc-admin/post.php?state=delete&delete= with an invalid filename. Date published : 2018-10-31 https://github.com/AvaterXXX/MiniCms/blob/master/Authentication%20and%20Information%20Exposure.md#information-exposure https://www.patec.cn/newsshow.php?cid=24&id=135
An issue was discovered in laravelCMS through 2018-04-02. appHttpControllersBackendProfileController.php allows upload of arbitrary PHP files because the file extension is not properly checked and uploaded files are not properly renamed. Date published : 2018-10-31...
S-CMS PHP 1.0 has SQL injection in member/member_news.php via the type parameter (aka the $N_type field). Date published : 2018-10-31 http://www.iwantacve.cn/index.php/archives/75/
An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service (NULL pointer dereference) or possibly have unspecified...
nc-cms through 2017-03-10 allows remote attackers to execute arbitrary PHP code via the "Upload File or Image" feature, with a .php filename and "Content-Type: application/octet-stream" to the index.php?action=file_manager_upload URI. Date published : 2018-10-31 https://github.com/gnat/nc-cms/issues/11
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c. Date published : 2018-10-31 https://security.gentoo.org/glsa/201908-03 https://github.com/mdadams/jasper/issues/184
EmpireCMS V7.5 allows remote attackers to upload and execute arbitrary code via ..%2F directory traversal in a .php filename in the upload/e/admin/ecmscom.php path parameter. Date published : 2018-10-31 https://qclover.github.io/2018/10/10/EmpireCMS_V7.5%E7%9A%84%E4%B8%80%E6%AC%A1%E5%AE%A1%E8%AE%A1.html