DBHcms Arbitrary File Write Vulnerability

DBHcms is a small, free and open source content management system for personal and small business websites. An arbitrary file write vulnerability exists in dbhcmsmodmod.editor.php $POST'updatefile' in DBHcms 1.2.0. An administrator user can exploit this vulnerability to obtain a webshell...

CVE-2020-7376

The Metasploit Framework module "post/osx/gather/enumosx module" is affected by a relative path traversal vulnerability in the getkeychains method which can be exploited to write arbitrary files to arbitrary locations on the host filesystem when the module is run on a malicious host...

Path traversal

The Metasploit Framework module "auxiliary/admin/http/telpho10credentialdump" module is affected by a relative path traversal vulnerability in the untar method which can be exploited to write arbitrary files to arbitrary locations on the host file system when the module is run on a malicious HTTP...

CVE-2020-19891

DBHcms v1.2.0 has an Arbitrary file write vulnerability in dbhcms\mod\mod.editor.php $POST'updatefile' is filename and $POST'tinymcecontent' is file content, there is no filter function for security. A remote authenticated admin user can exploit this vulnerability to get a webshell...

CVE-2020-19891

DBHcms v1.2.0 has an Arbitrary file write vulnerability in dbhcms\mod\mod.editor.php $POST'updatefile' is filename and $POST'tinymcecontent' is file content, there is no filter function for security. A remote authenticated admin user can exploit this vulnerability to get a webshell...

Design/Logic Flaw

DBHcms v1.2.0 has an Arbitrary file write vulnerability in dbhcms\mod\mod.editor.php $POST'updatefile' is filename and $POST'tinymcecontent' is file content, there is no filter function for security. A remote authenticated admin user can exploit this vulnerability to get a webshell...

CVE-2020-19891

DBHcms v1.2.0 has an Arbitrary file write vulnerability in dbhcms\mod\mod.editor.php $POST'updatefile' is filename and $POST'tinymcecontent' is file content, there is no filter function for security. A remote authenticated admin user can exploit this vulnerability to get a webshell...

CVE-2020-19891

CVE-2020-19891 affects DBHcms v1.2.0. A vulnerability in file dbhcms/mod/mod.editor.php allows arbitrary file write via POSTed updatefile (filename) and tinymce_content (file content) because there is no security filtering. A remote authenticated admin user can exploit this to obtain a webshell. ...

PYSEC-2020-70

In openapi-python-client before version 0.5.3, there is a path traversal vulnerability. If a user generated a client using a maliciously crafted OpenAPI document, it is possible for generated files to be placed in arbitrary locations on disk...

CVE-2020-5609

Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 includes CENTUM CS 3000 Small R3.08.10 to R3.09.50, CENTUM VP includes CENTUM VP Small, Basic R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to crea...

Cisco Data Center Network Manager Input Validation Error Vulnerability

Cisco Data Center Network Manager DCNM is a data center management system from Cisco. The system works with Cisco Nexus and MDS series switches and provides storage visualization, configuration and troubleshooting. An input validation error vulnerability exists in the archive utility in Cisco DCN...

CVE-2020-14493

A low-privilege user may use SQL syntax to write arbitrary files to the OpenClinic GA 5.09.02 and 5.89.05b server, which may allow the execution of arbitrary commands...

CVE-2020-14493

CVE-2020-14493 affects OpenClinic GA versions 5.09.02 and 5.89.05b. A low-privilege user can craft SQL that writes arbitrary files on the server, potentially enabling execution of arbitrary commands. The ICS advisory indicates remote exploitation with high risk and public exploits available, and ...

CVE-2020-15623

This vulnerability allows remote attackers to write arbitrary files on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmodsecurity.php. When parsing the archivo parameter, the process...

CVE-2020-5131

SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute code with the same privilege in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 9.0.815 and earlier...

CVE-2020-5131

SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute code with the same privilege in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 9.0.815 and earlier...

Design/Logic Flaw

SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute code with the same privilege in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 9.0.815 and earlier...

CVE-2020-5131

CVE-2020-5131 affects SonicWall NetExtender Windows client up to version 9.0.815. The vulnerability is an arbitrary file write that enables overwriting a DLL, allowing code execution with the same privileges on the host OS. The CVE is described in multiple sources (e.g., Red Hat advisory and CNVD...

CVE-2020-5131

SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute code with the same privilege in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 9.0.815 and earlier...

CVE-2020-9682

Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to arbitrary file system write...