1124 matches found
CVE-2021-47871
Hestia Control Panel 1.3.2 contains an arbitrary file write vulnerability that allows authenticated attackers to write files to arbitrary locations using the API index.php endpoint. Attackers can exploit the v-make-tmp-file command to write SSH keys or other content to specific file paths on the...
CVE-2021-47871 Hestia Control Panel 1.3.2 - Arbitrary File Write
Hestia Control Panel 1.3.2 contains an arbitrary file write vulnerability that allows authenticated attackers to write files to arbitrary locations using the API index.php endpoint. Attackers can exploit the v-make-tmp-file command to write SSH keys or other content to specific file paths on the...
PT-2026-3823
Hestia Control Panel 1.3.2 contains an arbitrary file write vulnerability that allows authenticated attackers to write files to arbitrary locations using the API index.php endpoint. Attackers can exploit the v-make-tmp-file command to write SSH keys or other content to specific file paths on the...
MiracleLinux 3 : sysstat-7.0.2-11.0.1.AXS3 (AXSA:2011-321:01)
The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2011-321:01 advisory. This package provides the sar and iostat commands for Linux. Sar and iostat enable system monitoring of disk, network, and other IO activity. Security issues...
CVE-2025-67077
File upload vulnerability in Omnispace Agora Project before 25.10 allowing authenticated, or under certain conditions also guest users, via the UploadTmpFile action...
CVE-2025-67077
File upload vulnerability in Omnispace Agora Project before 25.10 allowing authenticated, or under certain conditions also guest users, via the UploadTmpFile action...
PT-2026-3022
Name of the Vulnerable Software and Affected Versions Omnispace Agora Project versions prior to 25.10 Description A file upload issue exists in the Omnispace Agora Project. The issue allows authenticated users, and potentially guest users under certain conditions, to upload files via the...
MiracleLinux 3 : sudo-1.7.2p1-14.AXS3.3 (AXSA:2012-777:03)
The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-777:03 advisory. Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all...
MiracleLinux 9 : thunderbird-128.10.0-1.el9_6.ML.1 (AXSA:2025-10475:14)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-10475:14 advisory. thunderbird: User Interface UI Misrepresentation of attachment URL CVE-2025-3523 thunderbird: Information Disclosure of /tmp directory listing...
MiracleLinux 9 : socat-1.7.4.1-6.el9_6.1 (AXSA:2025-10632:02)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10632:02 advisory. socat: arbitrary file overwrite via predictable /tmp directory CVE-2024-54661 Tenable has extracted the preceding description block directly from the...
MiracleLinux 9 : thunderbird-128.9.2-1.el9_5.ML.1 (AXSA:2025-9897:08)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9897:08 advisory. thunderbird: User Interface UI Misrepresentation of attachment URL CVE-2025-3523 thunderbird: Information Disclosure of /tmp directory listing...
CVE-2018-10519
CMS Made Simple CMSMS 2.2.7 contains a privilege escalation vulnerability from ordinary user to admin user by arranging for the effuid value within $COOKIE$this-loginkey to equal 1, because files in the tmp/ directory are accessible through HTTP requests. NOTE: this vulnerability exists because o...
CVE-2016-10799
cPanel before 58.0.4 does not set the Pear tmp directory during a PHP installation SEC-137...
CVE-2025-67091
An issue in GL Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. GL.Inet AX1800 Version 4.6.4 & 4.6.8 in the GL.iNet custom opkg wrapper script located at /usr/libexec/opkg-call. The script is executed with root privileges when triggered via the LuCI web interface or authenticated API cal...
CVE-2021-22571
A local attacker could read files from some other users' SA360 reports stored in the /tmp folder during staging process before the files are loaded in BigQuery. We recommend upgrading to version 1.0.3 or above...
CVE-2025-67091
CVE-2025-67091 affects GL.iNet AX1800 firmware versions 4.6.4 and 4.6.8 . The issue lies in the GL.iNet custom opkg wrapper script at /usr/libexec/opkg-call , which runs with root privileges when triggered via the LuCI web interface or authenticated API calls to manage packages. Vulnerable code u...
EUVD-2022-55937
SOUND4 IMPACT/FIRST/PULSE/Eco =2.x contains a command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory with .dns.pid extension. Unauthenticated attackers can execute the malicious commands by making a single HTTP POST request to the...
EUVD-2022-55935
SOUND4 IMPACT/FIRST/PULSE/Eco =2.x contains a conditional command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory. Unauthenticated attackers can execute commands by making a single HTTP POST request to the vulnerable ping.php script,...
CVE-2022-50795
SOUND4 IMPACT/FIRST/PULSE/Eco =2.x contains a conditional command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory. Unauthenticated attackers can execute commands by making a single HTTP POST request to the traceroute.php script, which...
CVE-2022-50791
SOUND4 IMPACT/FIRST/PULSE/Eco =2.x contains a conditional command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory. Unauthenticated attackers can execute commands by making a single HTTP POST request to the vulnerable ping.php script,...