关键字 的搜索结果 (15245)
[原文]Systematic SitaWare 6.4 SP2 does not validate input from other sources sufficiently. e.g., information utilizing the NVG interface. An attacker can freeze the Situational Layer, which means that the Situational Picture is no longer updated. Unfortunately, the user cannot notice until he tries to work with that layer.
[原文]The DNNArticle module 11 for DNN (formerly DotNetNuke) allows remote attackers to read the web.config file, and consequently discover database credentials, via the /GetCSS.ashx/?CP=%2fweb.config URI.
[原文]Open redirect vulnerability in the login[redirect] parameter login functionality in WolfCMS 0.8.3.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a malformed URL.
[原文]Cross-site request forgery (CSRF) vulnerability in WolfCMS 0.8.3.1 allows remote attackers to hijack the authentication of users for requests that modify plugin/[pluginname]/settings by crafting a malicious request.
[原文]Vulnerability in avatar_uploader v7.x-1.0-beta8 , The code in view.php doesn't verify users or sanitize the file path.
[原文]iScripts SonicBB 1.0 has Reflected Cross-Site Scripting via the query parameter to search.php.