ChurchRota 2.6.4 is vulnerable to authenticated remote code execution. The user does not need to have file upload permission in order to upload and execute an arbitrary file via a POST request to resources.php. rmccarth/cve-2021-3164 CVE-2021-3165 (2021-01-26) SmartAgent 3.1.0 allows...
Code Type: X86-64 (Native) Parent Process: launchd [753] Responsible: Safari [1555] User ID: 501 Date/Time: 2014-09-23 16:04:43.146 +0100 OS Version: Mac OS X 10.9.5 (13F34) Report Version: 11 Anonymous UUID: 377E32E2-79A8-4E6E-2249-9BA4CE50AA05 Crashed Thread: 18 Exception ...
** DISPUTED ** Laminas Project laminas-http before 2.14.2, and Zend Framework 3.0.0, has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the __destruct method of the Zend\Http\Response\Stream class in Stream.php. NOTE: Zend...
VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability. Improper input validation and lack of authorization leading to arbitrary file upload in logupload web application. An unauthorized attacker with network access to View Planner Harness could upload and...
** DISPUTED ** Laminas Project laminas-http before 2.14.2, and Zend Framework 3.0.0, has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the __destruct method of the Zend\Http\Response\Stream class in Stream.php. NOTE: Zend...