PT-2022-17756 · WordPress · Newspaper

Name of the Vulnerable Software and Affected Versions: The Newspaper WordPress theme versions prior to 12 Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitized before being outputted back in an HTML attribute via an...

ZZCMS index php information leakage vulnerability

ZZCMS is a content management system CMS by the ZZCMS team in China. An information disclosure vulnerability exists in ZZCMS 2022, which stems from the program's inadequate protection of sensitive information, and can be exploited by an attacker to send a request to "/admin/index php?Server" to...

Path traversal

An absolute path traversal vulnerability in ZZCMS 2022 allows attackers to obtain sensitive information via a crafted GET request sent to /one/siteinfo.php...

CVE-2022-40443

An absolute path traversal vulnerability in ZZCMS 2022 allows attackers to obtain sensitive information via a crafted GET request sent to /one/siteinfo.php...

ZZCMS 路径遍历漏洞

ZZCMS is a content management system CMS by the ZZCMS team in China. An information disclosure vulnerability exists in ZZCMS 2022, which stems from the program's inadequate protection of sensitive information, and can be exploited by an attacker to send a request to "/admin/index php?Server" to...

CVE-2022-40715

An issue was discovered in NOKIA 1350OMS R14.2. An Absolute Path Traversal vulnerability exists for a specific endpoint via the logfile parameter, allowing a remote authenticated attacker to read files on the filesystem arbitrarily...

Path traversal

An issue was discovered in NOKIA 1350OMS R14.2. An Absolute Path Traversal vulnerability exists for a specific endpoint via the logfile parameter, allowing a remote authenticated attacker to read files on the filesystem arbitrarily...

CVE-2022-40715

Summary : CVE-2022-40715 affects Nokia 1350 OMS (R14.2). An Absolute Path Traversal vulnerability exists in a specific endpoint exploitable via the logfile parameter, allowing a remote authenticated attacker to read arbitrary files on the filesystem. The issue is centered on a vulnerable endpoint...

SAMSUNG Smart Switch PC 代码问题漏洞

SAMSUNG Smart Switch PC is a Windows software from Samsung South Korea. It is used for data transfer. SAMSUNG Smart Switch PC suffers from a DLL hijacking vulnerability that originates when a process attempts to load a DLL without specifying the absolute path to the DLL. An attacker can exploit...

CVE-2022-39838

Systematic FIX Adapter ALFAFX 2.4.0.25 13/09/2017 allows remote file inclusion via a UNC share pathname, and also allows absolute path traversal to local pathnames...

CVE-2022-39838

Systematic FIX Adapter ALFAFX 2.4.0.25 13/09/2017 allows remote file inclusion via a UNC share pathname, and also allows absolute path traversal to local pathnames...

Exploit for Path Traversal in Systematicalpha Systematic_Fix_Adapter_Firmware

CVE-2022-39838 Suggested description Systematica FIX Adap...

Systematic Alpha Management FIX Adapter 路径遍历漏洞

Systematic Alpha Management FIX Adapter is an adapter from Systematic Alpha Management, USA. A security vulnerability exists in Systematic Alpha Management FIX Adapter ALFAFX version 2.4.0.25 13/09/2017, which stems from a vulnerability that allows remote files to be included via UNC shared...

WinRAR <= 5.61 Absolute Path Traversal Vulnerability

WinRAR is prone to an absolute path traversal vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

GHSA-7488-6X3R-23W5 Ganga allows absolute path traversal

The ganga-devs/ganga repository before 8.5.10 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

Ganga allows absolute path traversal

The ganga-devs/ganga repository before 8.5.10 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

GHSA-QP72-96P2-G644 Tooxie Shiva 0.10.0 allows absolute path traversal because Flask send_file function used unsafely

The tooxie/shiva-server repository through 0.10.0 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31583

The sravaniboinepelli/AutomatedQuizEval repository through 2020-04-27 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31584

The stonethree/s3label repository through 2019-08-14 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31582

The shaolo1/VideoServer repository through 2019-09-21 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...