Jenkins Git Plugin 4.8.2 and earlier does not escape the Git SHA-1 checksum parameters provided to commit notifications when displaying them in a build cause,…

A Cross-Site Request Forgery (CSRF) in WDJA CMS v1.5.2 allows attackers to arbitrarily add administrator accounts via a crafted URL. Devamını Oku

WDJA CMS v1.5.2 contains an arbitrary file deletion vulnerability in the component admin/cache/manage.php. Devamını Oku

Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component controllerindex.php, which can be exploited via the sql() method. Devamını Oku

Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component controllerConfig.php, which can be exploited via the add() method. Devamını Oku

Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component controllerpoint.php, which can be exploited via the add() method. Devamını Oku

Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component controllerConfig.php, which can be exploited via the addqq() method. Devamını Oku

Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component controllerindex.php, which can be exploited via the sj() method. Devamını Oku

emlog v6.0 contains a vulnerability in the component admintemplate.php, which allows attackers to getshell via a crafted Zip file. Devamını Oku

XYHCMS v3.6 contains a stored cross-site scripting (XSS) vulnerability in the component xyhai.php?s=/Link/index. Devamını Oku