yt-dlp: `–exec` command injection when using `%q` in yt-dlp on Windows (Bypass of CVE-2023-40581)

Summary The patch that addressed CVE-2023-40581 attempted to prevent RCE when using --exec with %q by replacing double quotes with two double quotes. However, this escaping is not sufficient, and stil ...

Continue Reading
yt-dlp: `–exec` command injection when using `%q` in yt-dlp on Windows (Bypass of CVE-2023-40581)

Summary The patch that addressed CVE-2023-40581 attempted to prevent RCE when using --exec with %q by replacing double quotes with two double quotes. However, this escaping is not sufficient, and stil ...

Continue Reading
XWiki Platform CSRF remote code execution through the realtime HTML Converter API

Impact When the realtime editor is installed in XWiki, it allows arbitrary remote code execution with the interaction of an admin user with programming right. More precisely, by getting an admin user ...

Continue Reading
XWiki Platform CSRF remote code execution through the realtime HTML Converter API

Impact When the realtime editor is installed in XWiki, it allows arbitrary remote code execution with the interaction of an admin user with programming right. More precisely, by getting an admin user ...

Continue Reading
CVE-2024-2217

gaizhenbiao/chuanhuchatgpt is vulnerable to improper access control, allowing unauthorized access to the config.json file. This vulnerability is present in both authenticated and unauthenticated versi ...

Continue Reading
CVE-2024-2217

gaizhenbiao/chuanhuchatgpt is vulnerable to improper access control, allowing unauthorized access to the config.json file. This vulnerability is present in both authenticated and unauthenticated versi ...

Continue Reading
CVE-2024-3025

mintplex-labs/anything-llm is vulnerable to path traversal attacks due to insufficient validation of user-supplied input in the logo filename functionality. Attackers can exploit this vulnerability by ...

Continue Reading
CVE-2024-3025

mintplex-labs/anything-llm is vulnerable to path traversal attacks due to insufficient validation of user-supplied input in the logo filename functionality. Attackers can exploit this vulnerability by ...

Continue Reading

Back to Main

Subscribe for the latest news: