CVE-2014-0468
- EPSS 0.18%
- Veröffentlicht 26.06.2025 20:39:24
- Zuletzt bearbeitet 06.08.2025 16:34:59
Vulnerability in fusionforge in the shipped Apache configuration, where the web server may execute scripts that the users would have uploaded in their raw SCM repositories (SVN, Git, Bzr...). This issue affects fusionforge: before 5.3+20140506.
CVE-2014-6275
- EPSS 0.33%
- Veröffentlicht 02.01.2020 22:15:11
- Zuletzt bearbeitet 21.11.2024 02:14:04
FusionForge before 5.3.2 use scripts that run under the shared Apache user, which is also used by project homepages by default. If project webpages are hosted on the same server than FusionForge, it can allow users to incorrectly access on-disk priva...
- EPSS 6.68%
- Veröffentlicht 02.06.2015 14:59:05
- Zuletzt bearbeitet 12.04.2025 10:46:40
The Git plugin for FusionForge before 6.0rc4 allows remote attackers to execute arbitrary code via an unspecified parameter when creating a secondary Git repository.
CVE-2013-1423
- EPSS 0.03%
- Veröffentlicht 14.03.2013 03:13:28
- Zuletzt bearbeitet 11.04.2025 00:51:21
(1) contrib/gforge-3.0-cronjobs.patch, (2) cronjobs/homedirs.php, (3) deb-specific/fileforge.pl, (4) deb-specific/group_dump_update.pl, (5) deb-specific/ssh_dump_update.pl, (6) deb-specific/user_dump_update.pl, (7) plugins/scmbzr/common/BzrPlugin.cla...