4 matches found
CVE-2021-43099
creationtimestamp| type| source ---|---|--- 2022-03-29 02:40:42+00:00| seen| https://t.me/cibsecurity/39695...
CVE-2021-43099
An Archive Extraction AKA "Zip Slip vulnerability exists in bbs 5.3 in the UpgradeNow function in UpgradeManageAction.java, which unzips the arbitrary upladed zip file without checking filenames. The vulnerability is exploited using a specially crafted archive that holds directory traversal...
CVE-2021-43099
CVE-2021-43099 is a Zip Slip-style vulnerability in the bbs 5.3 UpgradeNow function (UpgradeManageAction.java) that unzips uploaded archives without validating filenames, enabling directory traversal (e.g., ../../evil.exe). The CVE description and connected sources confirm the affected component ...
CVE-2021-43099
An Archive Extraction AKA "Zip Slip vulnerability exists in bbs 5.3 in the UpgradeNow function in UpgradeManageAction.java, which unzips the arbitrary upladed zip file without checking filenames. The vulnerability is exploited using a specially crafted archive that holds directory traversal...