CVE-2024-8671
The WooEvents - Calendar and Event Booking plugin for WordPress is vulnerable to arbitrary file overwrite due to insufficient file path validation in the inc/barcode.php file in all versions up to, and including, 4.1.2. This makes it possible for unauthenticated attackers to overwrite arbitrary...
CVE-2024-8671
The CVE-2024-8671 entry concerns WordPress plugin WooEvents – Calendar and Event Booking. Affected versions (up to 4.1.2) are vulnerable to arbitrary file overwrite due to insufficient file path validation in inc/barcode.php, enabling unauthenticated attackers to overwrite server files and potent...
CVE-2024-8671 WooEvents <= 4.1.2 - Unauthenticated Arbitrary File Overwrite
The WooEvents - Calendar and Event Booking plugin for WordPress is vulnerable to arbitrary file overwrite due to insufficient file path validation in the inc/barcode.php file in all versions up to, and including, 4.1.2. This makes it possible for unauthenticated attackers to overwrite arbitrary...
WordPress WooEvents plugin <= 4.1.2 - Unauthenticated Arbitrary File Overwrite vulnerability
Unauthenticated Arbitrary File Overwrite vulnerability discovered by Tonn in WordPress Plugin WooEvents versions <= 4.1.2...
CVE-2024-33109
Directory Traversal in the web interface of the Tiptel IP 286 with firmware version 2.61.13.10 allows attackers to overwrite arbitrary files on the phone via the Ringtone upload function...
CVE-2024-44167
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to overwrite arbitrary files...
Apple macOS Security Vulnerability
Apple macOS is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS version 13.7, which originates from an application that may be able to overwrite arbitrary files...
Stripe CLI Security Vulnerability
Stripe CLI is a command line tool for the Stripe e-commerce platform from Stripe Ireland. A security vulnerability exists in Stripe CLI version 1.11.1 and later versions, which stems from the inclusion of plug-in packages with formatting errors that can overwrite arbitrary files...
K000140630: NGINX Agent vulnerability CVE-2024-7634
Security Advisory Description: NGINX Agent's configdirs restriction feature allows a highly privileged attacker to gain the ability to write/overwrite files outside of the designated secure directory. CVE-2024-7634. Impact: Under the default configuration, a user can overwrite arbitrary files on any...
PT-2024-29083 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 12.7.6; macOS versions prior to 13.6.8; macOS versions prior to 14.6. Description: The issue was addressed with improved checks. An app may be able to overwrite arbitrary files. Recommendations: For macOS versions prior t...
Arbitrary File Overwrite
aim is vulnerable to Arbitrary File Overwrite. The vulnerability is due to improper handling of the runhash and repo.path parameters in the backuprun-function, allowing any file on the host server to be overwritten and arbitrary data to be exfiltrated...
CVE-2024-6396 Arbitrary File Overwrite and Data Exfiltration in aimhubio/aim
A vulnerability in the backuprun function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the runhash and repo.path parameters, which can be manipulated to create an...
Exploit for CVE-2024-37726
CVE-2024-37726 MSI Center Local Privilege Escalation - Arbitra...
CVE-2024-34129
Acrobat Mobile Sign Android versions 24.4.2.33155 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to access files and directories...
CVE-2024-36473
Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite or create attack but is limited to local Denial of Service (DoS) and under specific conditions can lead to elevation of privileges...
CVE-2024-36473
Affected software/versions: Trend Micro VPN Proxy One Pro, 5.8.1012 and below. What is vulnerable: an arbitrary file overwrite or create attack, leading to a local DoS and, under specific conditions, privilege elevation. Root cause / vector (as described): impact stems from the Vpn Background Con...
PT-2024-4340 · Trend Micro · Trend Micro Vpn Proxy One Pro
Name of the Vulnerable Software and Affected Versions: Trend Micro VPN Proxy One Pro versions 5.8.1012 and below. Description: The issue is related to an arbitrary file overwrite or create attack, which can lead to a local Denial of Service (DoS) and, under specific conditions, elevation of...
SUSE CVE-2024-5187
A vulnerability in the downloadmodelwithtestdata function of the onnx/onnx framework, version 1.16.0, allows for arbitrary file overwrite due to inadequate prevention of path traversal attacks in malicious tar files. This vulnerability enables attackers to overwrite any file on the system,...