Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-37645: eyoucms 1.6.3 has an information leakage vulnerability · Issue #50 · weng-xianhu/eyoucms

eyoucms v1.6.3 was discovered to contain an information disclosure vulnerability via the component /custom_model_path/recruit.filelist.txt.

CVE
#vulnerability#web#git

eyoucms 1.6.3 has an information leakage vulnerability

A bug was found. There is information leakage.
Tests are executed only in the test environment. No illegal operation

Software Link :https://github.com/weng-xianhu/eyoucms
Website : http://www.eyoucms.com/

Access the file recruit.filelist.txt to obtain the site path information.
The vulnerability path exists:/eyoucms/data/model/custom_model_path/recruit.filelist.txt.

Access the leaked path information page

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907