Day: Mart 1, 2022

CVE-2021-41652

Insecure permissions in the file database.sdb of BatFlat CMS v1.3.6 allows attackers to dump the entire database. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri…

Devamını oku

CVE-2021-41282

diag_routes.php in pfSense 2.5.2 allows sed data injection. Authenticated users are intended to be able to view data about the routes set in the firewall.…

Devamını oku

CVE-2022-24720

image_processing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. Prior to version 1.12.2, using the `#apply` method from image_processing to apply a series of…

Devamını oku

CVE-2022-24255

Extensis Portfolio v4.0 was discovered to contain hardcoded credentials which allows attackers to gain administrator privileges. Devamını Oku Kaynak: NIST

Devamını oku

CVE-2022-24254

An unrestricted file upload vulnerability in the Backup/Restore Archive component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted ZIP…

Devamını oku

CVE-2022-24253

Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the component AdminFileTransferServlet. Devamını Oku Kaynak: NIST

Devamını oku

CVE-2022-24252

An unrestricted file upload vulnerability in the FileTransferServlet component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted file. Devamını…

Devamını oku

CVE-2022-24251

Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the Catalog Asset Upload function. Devamını Oku Kaynak: NIST

Devamını oku