PowerCMS XMLRPC API provided by Alfasado Inc. contains a command injection vulnerability. Sending a specially crafted message by POST method to PowerCMS XMLRPC API may allow arbitrary Perl script exec ...
Continue Reading
September 08, 2022
It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-080 advisory. - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as chec ...
Continue Reading
September 07, 2022
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-073 advisory. - In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML p ...
Continue Reading
September 06, 2022
It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-085 advisory. - In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter func ...
Continue Reading
September 06, 2022
PowerCMS XMLRPC API provided by Alfasado Inc. contains a command injection vulnerability ([CWE-74]()). Sending a specially crafted message by POST method to PowerCMS XMLRPC API may allow arbitrary Per ...
Continue Reading
September 01, 2022
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:6158 advisory. - In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8. ...
Continue Reading
August 31, 2022
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es): * php: uninitialized array in pg_query_params() leading to RCE (CVE-2022-31625) For more details ...
Continue Reading
August 31, 2022
This module exploits a Java deserialization vulnerability in Zoho ManageEngine Pro before 12101 and PAM360 before 5510. Unauthenticated attackers can send a crafted XML-RPC request containing maliciou ...
Continue Reading
August 29, 2022
Back to Main
