CVE-2022-26627

Online Project Time Management System v1.0 was discovered to contain an arbitrary file write vulnerability which allows attackers to execute arbitrary code via a crafted HTML file...

CVE-2022-26627

Online Project Time Management System v1.0 was discovered to contain an arbitrary file write vulnerability which allows attackers to execute arbitrary code via a crafted HTML file...

Design/Logic Flaw

Online Project Time Management System v1.0 was discovered to contain an arbitrary file write vulnerability which allows attackers to execute arbitrary code via a crafted HTML file...

CVE-2022-26627

Online Project Time Management System v1.0 was discovered to contain an arbitrary file write vulnerability which allows attackers to execute arbitrary code via a crafted HTML file...

Vulnerability-Disclosure

CVE-2022-AVAST1 Arbitrary File Write that Leads to Defense Ev...

zgrep -- arbitrary file write

RedHat reports: An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to...

The vulnerability of the centralized system for managing emergency messages and events in CAMS for HIS distributed control systems CENTUM VP and CENTUM VP Entry Class, along with the OPC-server Exaopc, allows a perpetrator to write arbitrary files.

The vulnerability of the centralized system for managing emergency messages and events in CAMS for HIS distributed control systems CENTUM VP and CENTUM VP Entry Class, along with the OPC-server Exaopc, is related to errors in processing the relative path to the catalog. Exploiting this...

CVE-2022-1271

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...

PT-2022-2156 · Gnu +11 · Gnu Gzip +11

Name of the Vulnerable Software and Affected Versions: GNU gzip versions affected versions not specified Description: An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. This flaw occurs due to insufficient validation when processing filenames with two or more newlines...

UBUNTU-CVE-2022-1271

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...

OpenSSH < 8.0

According to its banner, the version of OpenSSH running on the remote host is prior to 8.0. It is, therefore, affected by the following vulnerabilities: - A permission bypass vulnerability due to improper directory name validation. An unauthenticated, remote attacker can exploit this, with a...

PT-2022-6761 · Jszip +1 · Jszip +1

Name of the Vulnerable Software and Affected Versions: JSZip versions prior to 3.8.0 Description: The issue is related to the loadAsync function in JSZip, which allows directory traversal via a crafted ZIP archive. This can be exploited by a remote attacker to write arbitrary files and execute...

CVE-2022-25347 Delta Electronics DIAEnergie Path Traversal

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 is vulnerable to path traversal attacks, which may allow an attacker to write arbitrary files to locations on the file system...

DEBIAN-CVE-2022-22995

The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of primitives, an attacker can execute arbitrary code...

UBUNTU-CVE-2022-22995

The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of primitives, an attacker can execute arbitrary code...

Delta Electronics DIAEnergie路径遍历漏洞

Delta Electronics DIAEnergie is an industrial energy management system used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes, and maximize energy efficiency.A path traversal...

CVE-2021-39384

DWSurvey v3.2.0 was discovered to contain an arbitrary file write vulnerability via the component /utils/ToHtmlServlet.java...

CVE-2021-39384

DWSurvey v3.2.0 was discovered to contain an arbitrary file write vulnerability via the component /utils/ToHtmlServlet.java...

CVE-2021-39384

DWSurvey v3.2.0 was discovered to contain an arbitrary file write vulnerability via the component /utils/ToHtmlServlet.java...

CVE-2021-39384

CVE-2021-39384 : DWSurvey v3.2.0 contains an arbitrary file write vulnerability via the component /utils/ToHtmlServlet.java. This is the root cause described in the CVE entry. CVSS metrics indicate a high-severity issue (CVSSv3.1 base score 9.8, CRITICAL) with NETWORK attack vector, no authentica...