Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8
CVE-2024-26261
- EPSS 0.25%
- Veröffentlicht 15.02.2024 03:15:35
- Zuletzt bearbeitet 23.01.2025 19:56:10
The functionality for file download in HGiga OAKlouds' certain modules contains an Arbitrary File Read and Delete vulnerability. Attackers can put file path in specific request parameters, allowing them to download the file without login. Furthermore...
9.8
CVE-2024-26260
- EPSS 2.75%
- Veröffentlicht 15.02.2024 03:15:34
- Zuletzt bearbeitet 23.01.2025 19:55:55
The functionality for synchronization in HGiga OAKlouds' certain moudules has an OS Command Injection vulnerability, allowing remote attackers to inject system commands within specific request parameters. This enables the execution of arbitrary code ...
1