VDB-247886 is the identifier assigned to this vulnerability.Ī vulnerability was found in Thecosy IceCMS 2.0.1. The exploit has been disclosed to the public and may be used. The manipulation leads to improper access controls. Affected by this issue is some unknown functionality of the file /adplanet/PlanetCommentList of the component API. Multiple WSO2 products have been identified as vulnerable due to lack of server-side input validation in the Forum feature, API rating could be manipulated.Īn improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML API usage.Īn OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall.Ī vulnerability was found in Thecosy IceCMS 2.0.1. VDB-248218 is the identifier assigned to this vulnerability.ĭue to improper error handling, a REST API resource could expose a server side error containing an internal WSO2 specific package name in the HTTP response. It is recommended to upgrade the affected component. Upgrading to version 4.52.01 is able to address this issue. The manipulation of the argument path/file leads to unrestricted upload. This vulnerability affects unknown code of the file /index.php?pluginApp/to/yzOffice/getFile of the component API Endpoint Handler. Authenticated attacker can exhaust server storage space to a point where the server can no longer serve requests.Ī vulnerability was found in kalcaddle KodExplorer up to 4.51.03. A vulnerable API method in M-Files Server before 5.0 allows for uncontrolled resource consumption.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |