CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

A vulnerability exists in Hoosk 1.8.0 in /install/index.php, due to a failure to check if config.php already exists in the root directory, which could let a malicious user reinstall the website.

In /install/index.php, it is not checked whether config.php already exists in the website root directory. The install directory is not automatically deleted after the system installation. When you visit /install again, reinstall the website again.  
![图片](https://user-images.githubusercontent.com/81867137/140075619-2bdc53db-f4b2-4b79-a36f-0f8160083c63.png)

Installation succeeded  
![图片](https://user-images.githubusercontent.com/81867137/140072252-9e87246b-3208-40b9-af18-be8476319200.png)

The install directory is not automatically deleted after the system is installed,visit /install again  
![图片](https://user-images.githubusercontent.com/81867137/140074981-e78a3b83-06d2-4d23-a425-5ef69642d1d8.png)

The website was reinstalled  
![图片](https://user-images.githubusercontent.com/81867137/140075064-945e8a31-6937-4d92-a810-36c7afcdbcdb.png)

Headline

CVE-2021-43478: install bug · Issue #1 · kr0za/bugs

CVE: Latest News