Kategori: Güvenlik Açıkları

CVE-2022-0386

A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710. Zafiyet ile…

Devamını oku

CVE-2022-0652

Confd log files contain local users’, including root’s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks…

Devamını oku

CVE-2021-40662

A Cross-Site Request Forgery (CSRF) in Chamilo LMS 1.11.14 allows attackers to execute arbitrary commands on victim hosts via user interaction with a crafted URL.…

Devamını oku

CVE-2021-38745

Chamilo LMS v1.11.14 was discovered to contain a zero click code injection vulnerability which allows attackers to execute arbitrary code via a crafted plugin. This…

Devamını oku