SiteVision suffers from an issue where attacker may inject non-authorized module when editing pages using a lower privileged account, which can lead to cross site scripting and remote code execution All versions of SiteVision 4 until 456 and all versions of SiteVision 5 until 511 are vulnerable ...
SiteVision suffers from an issue where attackers may execute arbitrary code as root on the target server after gaining access to a low-privilege account All versions of SiteVision 4 until 456 and all versions of SiteVision 5 until 511 are vulnerable ...
<!--X-Body-Begin-->
<!--X-User-Header-->
Full Disclosure
mailing list archives
<!--X-User-Header-End-->
<!--X-TopPNI-->
By Date
By Thread
</form>
<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
SiteVision Remote Code Execution
<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->
From: Oscar Hjelm <OscarHj ...
<!--X-Body-Begin-->
<!--X-User-Header-->
Full Disclosure
mailing list archives
<!--X-User-Header-End-->
<!--X-TopPNI-->
By Date
By Thread
</form>
<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
SiteVision Insufficient Module Access Control
<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->
From: Oscar Hjelm ...