Meshery SQL Injection vulnerability

Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...

PT-2024-7036 · Spring · Spring Cloud Data Flow

Name of the Vulnerable Software and Affected Versions: Spring Cloud Data Flow versions prior to 2.11.4 Description: A malicious user who has access to the Skipper server API can use a crafted upload request to write an arbitrary file to any location on the file system, which could lead to...

CVE-2024-39688

Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the datadir variable is concatenated with other folders and used to open a new file in the generateconfig function, which leads to a limited file write. The issue allows for writing /config/config.json file in arbitra...

Triangle MicroWorks SCADA Data Gateway Arbitrary File Write Vulnerability

Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product from Triangle MicroWorks, Inc. Triangle MicroWorks SCADA Data Gateway suffers from an arbitrary file write vulnerability that can be exploited by an attacker to write arbitrary files and execute arbitrary code...

PT-2024-5028 · Unknown +2 · Jumpserver +2

Name of the Vulnerable Software and Affected Versions: JumpServer versions prior to 3.10.12 JumpServer versions prior to 4.0.0 Description: The issue is related to the JumpServer Privileged Access Management PAM tool, which provides secure access to various endpoints through a web browser. An...

PT-2024-37649 · WordPress · Bookingpress

Name of the Vulnerable Software and Affected Versions: The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin versions up to, and including, 1.1.5 Description: The issue allows authenticated attackers with Subscriber-level access and above to create arbitrary files...

CVE-2024-39118

Mommy Heather Advanced Backups up to v3.5.3 allows attackers to write arbitrary files via restoring a crafted back up...

PT-2024-28351 · Unknown · Mommy Heather Advanced Backups

Name of the Vulnerable Software and Affected Versions: Mommy Heather Advanced Backups versions up to 3.5.3 Description: The issue allows attackers to write arbitrary files via restoring a crafted backup. Recommendations: For versions up to 3.5.3, update to a version later than 3.5.3 to resolve th...

CVE-2024-39118

Mommy Heather Advanced Backups up to v3.5.3 allows attackers to write arbitrary files via restoring a crafted back up...

GLSA-202407-18 : Stellarium: Arbitrary File Write

The remote host is affected by the vulnerability described in GLSA-202407-18 Stellarium: Arbitrary File Write A vulnerability has been discovered in Stellarium. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the...

The vulnerability of the Atril program for viewing multi-page documents relates to the possibility of bypassing restricted access catalogs, allowing a intruder to write arbitrary files.

The vulnerability of the Atril application for viewing multi-page documents relates to the possibility of bypassing a restricted-access catalog. Exploiting this vulnerability could allow an intruder to write arbitrary files...

DEBIAN-CVE-2024-29511

Artifex Ghostscript before 10.03.1, when Tesseract is used for OCR, has a directory traversal issue that allows arbitrary file reading and writing of error messages to arbitrary files via OCRLanguage. For example, exploitation can use debugfile /tmp/out and userpatternsfile /etc/passwd...

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the parseFromZipFile function, which will copy the file in zip to a temporary directory without verifying the file path, and the file can be written to an arbitrary path. Details ...

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the parseFromZipFile function, which will copy the file in zip to a temporary directory without verifying the file path, and the file can be written to an arbitrary path. Details ...

CVE-2024-5827 Arbitrary File Write by Prompt Injection via DuckDB SQL in vanna-ai/vanna

Vanna v0.3.4 is vulnerable to SQL injection in its DuckDB integration exposed to its Flask Web APIs. Attackers can inject malicious SQL training data and generate corresponding queries to write arbitrary files on the victim's file system, such as backdoor.php with contents . This can lead to...

CVE-2024-5827 Arbitrary File Write by Prompt Injection via DuckDB SQL in vanna-ai/vanna

Vanna v0.3.4 is vulnerable to SQL injection in its DuckDB integration exposed to its Flask Web APIs. Attackers can inject malicious SQL training data and generate corresponding queries to write arbitrary files on the victim's file system, such as backdoor.php with contents . This can lead to...

GO-2024-2481 Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI

Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive report...

Vanna Code Issue Vulnerability

Vanna is a personalized AI SQL agent from Vanna Inc. Vanna version v0.3.4 suffers from a code issue vulnerability that stems from vulnerability to SQL injection attacks, where an attacker can inject malicious SQL training data and generate corresponding queries to write arbitrary files on the...

GHSA-MR7H-W2QC-FFC2 pytorch-lightning vulnerable to Arbitrary File Write via /v1/runs API endpoint

A vulnerability in the /v1/runs API endpoint of lightning-ai/pytorch-lightning v2.2.4 allows attackers to exploit path traversal when extracting tar.gz files. When the LightningApp is running with the pluginserver, attackers can deploy malicious tar.gz plugins that embed arbitrary files with path...

Cross site scripting in opencart

This affects versions of the package opencart/opencart from 4.0.0.0. A reflected XSS issue was identified in the directory parameter of admin common/filemanager.list route. An attacker could obtain a user's token by tricking the user to click on a maliciously crafted URL. The user is then prompte...