admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-03-03 08:00:51 +00:00
parent afaeeb42f5
commit 2d0ca5bee8
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
2 changed files with 16 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2020/13xxx/CVE-2020-13949.json
View File

@ -133,6 +133,11 @@
"refsource": "MLIST",
"name": "[hbase-issues] 20210302 [GitHub] [hbase] pankaj72981 commented on a change in pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949",
"url": "https://lists.apache.org/thread.html/rf741d08c7e0ab1542c81ea718467422bd01159ed284796a36ad88311@%3Cissues.hbase.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[hbase-issues] 20210303 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949",
"url": "https://lists.apache.org/thread.html/r278e96edc4bc13efb2cb1620a73e48f569162b833c6bda3e6ea18b80@%3Cissues.hbase.apache.org%3E"
}
]
},

12
2020/36xxx/CVE-2020-36079.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Zenphoto through 1.5.7 is affected by authenticated arbitrary file upload, leading to remote code execution. The attacker must navigate to the uploader plugin, check the elFinder box, and then drag and drop files into the Files(elFinder) portion of the UI. This can, for example, place a .php file in the server's uploaded/ directory."
"value": "** DISPUTED ** Zenphoto through 1.5.7 is affected by authenticated arbitrary file upload, leading to remote code execution. The attacker must navigate to the uploader plugin, check the elFinder box, and then drag and drop files into the Files(elFinder) portion of the UI. This can, for example, place a .php file in the server's uploaded/ directory. NOTE: the vendor disputes this because exploitation can only be performed by an admin who has \"lots of other possibilities to harm a site.\""
}
]
},
@ -56,6 +56,16 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/161569/Zenphoto-CMS-1.5.7-Shell-Upload.html",
"url": "http://packetstormsecurity.com/files/161569/Zenphoto-CMS-1.5.7-Shell-Upload.html"
},
{
"refsource": "MISC",
"name": "https://www.zenphoto.org/news/why-not-every-security-issue-is-really-an-issue/",
"url": "https://www.zenphoto.org/news/why-not-every-security-issue-is-really-an-issue/"
},
{
"refsource": "MISC",
"name": "https://github.com/zenphoto/zenphoto/issues/1292",
"url": "https://github.com/zenphoto/zenphoto/issues/1292"
}
]
}