LioTree
- OS Version: windows11 - Browser Version: chrome 102.0.5005.115 - Browser Addon Version: 0.2.12 - Neovim Plugin Version: 0.2.12 ### What I tried to do Enter Chinese using the Microsoft...
if `://` is in the path of url, gleezcms will use curl library to send request. This vulnerability is far more dangerous than it looks like because curl supports gopher...
I found that I could not get any result when searching files, sometimes cursor couldn't even pop up the search box. And I found something like this in log.log: It...
Hi, I would like to report some serious security vulnerabilities. # SQL Injection ## `HistoryController::getList` https://github.com/xiebruce/PicUploader/blob/2ef5b21cb2ae831ff5a56473b0f1315a6f81ff65/settings/HistoryController.php#L107 The variable `$keyword` is directly controlled by `$_GET['keyword']`, which allows an attacker to inject...
Hi, there is an external control of file name or path vulnerability (CWE-73) in `inc/modules/settings/Admin.php`. At line 371, the file path and content to write are both partially controlled by...