CVE-2019-9076
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in elf_read_notes in elf.c.
Source: CVE-2019-9076
[월:] 2019년 02월
CVE-2019-9066
CVE-2019-9066
PHP Scripts Mall PHP Appointment Booking Script 3.0.3 allows HTML injection in a user profile.
Source: CVE-2019-9066
CVE-2019-9064
CVE-2019-9064
PHP Scripts Mall Cab Booking Script 1.0.3 allows Directory Traversal into the parent directory of a jpg or png file.
Source: CVE-2019-9064
CVE-2019-9065
CVE-2019-9065
PHP Scripts Mall Custom T-Shirt Ecommerce Script 3.1.1 allows parameter tampering of the payment amount.
Source: CVE-2019-9065
CVE-2019-9047
CVE-2019-9047
GoRose v1.0.4 has SQL Injection when the order_by or group_by parameter can be controlled.
Source: CVE-2019-9047
CVE-2019-9062
CVE-2019-9062
PHP Scripts Mall Online Food Ordering Script 1.0 has Cross-Site Request Forgery (CSRF) in my-account.php.
Source: CVE-2019-9062
CVE-2019-9063
CVE-2019-9063
PHP Scripts Mall Auction website script 2.0.4 allows parameter tampering of the payment amount.
Source: CVE-2019-9063
CVE-2019-9052
CVE-2019-9052
An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete pictures via a /admin.php?action=deleteimage&var1= URI.
Source: CVE-2019-9052
CVE-2019-9050
CVE-2019-9050
An issue was discovered in Pluck 4.7.9-dev1. It allows administrators to execute arbitrary code by using action=installmodule to upload a ZIP archive, which is then extracted and executed.
Source: CVE-2019-9050
CVE-2019-9051
CVE-2019-9051
An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete articles via a /admin.php?action=deletepage&var1= URI.
Source: CVE-2019-9051