43 matches found
PhpColl 2.5.1 Arbitrary File Upload
PhpCollab 2.5.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in logosclients/ via clients/editclient.php. id: CVE-2017-6090 info: name: PhpColl 2.5.1 Arbitrary File Uplo...
CVE-2025-6090
CVE-2025-6090 affects H3C GR-5400AX V100R009L50. The vulnerability is a buffer overflow in the UpdateWanparamsMulti/UpdateIpv6params handlers within /routing/goform/aspForm caused by manipulating the param argument. Exploitation is possible remotely and the exploit has been disclosed publicly. Mu...
CVE-2023-6090
Unrestricted Upload of File with Dangerous Type vulnerability in Mollie Mollie Payments for WooCommerce. This issue affects Mollie Payments for WooCommerce: from n/a through 7.3.11...
CVE-2007-6090
Cross-site scripting (XSS) vulnerability in index.php in Nuked-Klan 1.7.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Linux Distros Unpatched Vulnerability : CVE-2012-6090
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple stack-based buffer overflows in the expand function in os/pl-glob.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a...
CVE-2024-6090 Path Traversal Vulnerability in gaizhenbiao/chuanhuchatgpt
A path traversal vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240410, allowing any user to delete other users' chat histories. This vulnerability can also be exploited to delete any files ending in .json on the target system, leading to a denial of service as users are unable to...
CVE-2023-6090
creationtimestamp | type | source
---|---|---
2024-02-29 07:22:08+00:00 | seen | https://t.me/ctinow/196279
2024-02-29 07:26:48+00:00 | seen | https://t.me/ctinow/196296
...
CVE-2023-6090 WordPress Mollie Payments for WooCommerce Plugin <= 7.3.11 is vulnerable to Arbitrary File Upload
Unrestricted Upload of File with Dangerous Type vulnerability in Mollie Mollie Payments for WooCommerce. This issue affects Mollie Payments for WooCommerce: from n/a through 7.3.11...
CVE-2023-6090
CVE-2023-6090 affects Mollie Payments for WooCommerce. Unrestricted Upload of File with Dangerous Type in plugin versions up to 7.3.11 allows arbitrary file uploads. Patch released: 7.3.12 fixes the issue. Originating reports from Patchstack and CVE records confirm the vulnerability and remediati...
VulnCheck KEV: CVE-2017-6090
Unrestricted file upload vulnerability in clients/editclient.php in PhpCollab 2.5.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in logosclients/...
WordPress Mollie Payments for WooCommerce Plugin <= 7.3.11 is vulnerable to Arbitrary File Upload
Software: Mollie Payments for WooCommerce; Type: Plugin; Vulnerable versions: <= 7.3.11; Fixed in: 7.3.12; OWASP Top 10: A3: Injection; Classification: Arbitrary File Upload; CVE: CVE-2023-6090; Patch priority: Medium; CVSS severity: Medium 9.1; PSID: 5c0982698e82; Credits: Rafie Muhammad...
Wago PFC 200 Web-Based Management Code Execution (CVE-2020-6090)
An exploitable code execution vulnerability exists in the Web-Based Management (WBM) functionality of WAGO PFC 200 03.03.10(15). A specially crafted series of HTTP requests can cause code execution resulting in remote code execution. An attacker can make an authenticated HTTP request to trigger this...
Mageia: Security Advisory (MGASA-2018-0268)
The remote host is missing an update for the...
CVE-2020-6090
The CVE-2020-6090 entry concerns WAGO PFC 200 Web-Based Management (WBM) version 03.03.10(15). Multiple sources (Talos, Red Hat, Tenable, CNVD, etc.) confirm an exploitable code execution vulnerability triggered by specially crafted authenticated HTTP requests to WBM. The root cause is that WBM’s...
Fedora 28 : chromium (2018-94e1bc8c23)
Update to 66.0.3359.181. Security fix for CVE-2018-6085 CVE-2018-6086 CVE-2018-6087 CVE-2018-6088 CVE-2018-6089 CVE-2018-6090 CVE-2018-6091 CVE-2018-6092 CVE-2018-6093 CVE-2018-6094 CVE-2018-6095 CVE-2018-6096 CVE-2018-6097 CVE-2018-6098 CVE-2018-6099 CVE-2018-6100 CVE-2018-6101 CVE-2018-6102...
CVE-2018-6090
CVE-2018-6090 refers to a heap buffer overflow in Skia used by Google Chrome before 66.0.3359.117, allowing remote code execution inside the sandbox via a crafted HTML page. Connected sources confirm the flaw affects Chrome/Chromium’s Skia component and state that the fix is included in Chrome 66...
Security Bulletin: IBM Cúram Social Program Management is vulnerable to cross-site request forgery attacks (CVE-2014-6090).
Summary IBM Cúram Social Program management contains a number of servlets which do not adequately protect against CSRF. This could potentially allow an attacker to affect the integrity of data managed by these servlets. Vulnerability Details CVEID: CVE-2014-6090 DESCRIPTION: IBM Curam Social...
Fedora 27 : chromium (2018-812b5d5a71)
Update to 66.0.3359.181. Security fix for CVE-2018-6085 CVE-2018-6086 CVE-2018-6087 CVE-2018-6088 CVE-2018-6089 CVE-2018-6090 CVE-2018-6091 CVE-2018-6092 CVE-2018-6093 CVE-2018-6094 CVE-2018-6095 CVE-2018-6096 CVE-2018-6097 CVE-2018-6098 CVE-2018-6099 CVE-2018-6100 CVE-2018-6101 CVE-2018-6102...
Debian DSA-4182-1 : chromium-browser - security update
Several vulnerabilities have been discovered in the chromium web browser. - CVE-2018-6056 lokihardt discovered an error in the v8 JavaScript library. - CVE-2018-6057 Gal Beniamini discovered errors related to shared memory permissions. - CVE-2018-6060 Omair discovered a use-after-free issue in...
Critical: Red Hat Security Advisory: chromium-browser security update
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for eac...