20 matches found
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the cloudstore.file.upload action. An attacker can write arbitrary files to the filesystem and potentially execute code by supplying crafted filenames that exploit path traversal and zip slip vulnerabilities...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the cloudstore.file.upload action. An attacker can write arbitrary files to the filesystem and potentially execute code by supplying crafted filenames that exploit path traversal and zip slip vulnerabilities...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the cloudstore.file.upload action. An attacker can write arbitrary files to the filesystem and potentially execute code by supplying crafted filenames that exploit path traversal and zip slip vulnerabilities...
Daptin has Unauthenticated Path Traversal and Zip Slip
Impact The cloudstore.file.upload action in server/actions/actioncloudstorefileupload.go writes user-supplied filenames directly to disk without proper validation. This allows unauthenticated attackers to perform path traversal and zip slip attacks, leading to arbitrary file write and potential...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the cloudstore.file.upload action. An attacker can write arbitrary files to the filesystem and potentially execute code by supplying crafted filenames that exploit path traversal and zip slip vulnerabilities...
GHSA-9CP7-J3F8-P5JX Daptin has Unauthenticated Path Traversal and Zip Slip
Impact The cloudstore.file.upload action in server/actions/actioncloudstorefileupload.go writes user-supplied filenames directly to disk without proper validation. This allows unauthenticated attackers to perform path traversal and zip slip attacks, leading to arbitrary file write and potential...
EUVD-2019-9880
Malware in sbrugna...
Malicious code in CloudStore (npm)
The package CloudStore was found to contain malicious code...
MAL-2025-17186 Malicious code in CloudStore (npm)
The package CloudStore was found to contain malicious code...
CVE-2019-1321
An elevation of privilege vulnerability exists when Windows CloudStore improperly handles file Discretionary Access Control List DACL, aka 'Microsoft Windows CloudStore Elevation of Privilege Vulnerability'...
PT-2024-38524 · Unknown · Weaver E-Cology
Name of the Vulnerable Software and Affected Versions: Weaver e-cology version 8 Description: A vulnerability was found in the Source Code Handler component of Weaver e-cology, affecting an unknown function of the file /cloudstore/ecode/setup/ecology dev.zip. This issue leads to information...
CVE-2019-1321
An elevation of privilege vulnerability exists when Windows CloudStore improperly handles file Discretionary Access Control List DACL, aka 'Microsoft Windows CloudStore Elevation of Privilege Vulnerability'...
CVE-2019-1321
An elevation of privilege vulnerability exists when Windows CloudStore improperly handles file Discretionary Access Control List DACL, aka 'Microsoft Windows CloudStore Elevation of Privilege Vulnerability'...
Privilege escalation
An elevation of privilege vulnerability exists when Windows CloudStore improperly handles file Discretionary Access Control List DACL, aka 'Microsoft Windows CloudStore Elevation of Privilege Vulnerability'...
CVE-2019-1321
An elevation of privilege vulnerability exists when Windows CloudStore improperly handles file Discretionary Access Control List DACL, aka 'Microsoft Windows CloudStore Elevation of Privilege Vulnerability'...
CVE-2019-1321
CVE-2019-1321 : An elevation-of-privilege flaw in Windows CloudStore occurs when a Discretionary Access Control List (DACL) is mishandled. Technical description across connected documents confirms the issue is a local-elevation vulnerability in Windows CloudStore. The NVD entry lists CVSS results...
Microsoft Windows Multiple Vulnerabilities (KB4520010)
This host is missing a critical security update according to Microsoft KB4520010 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...
Microsoft Windows CloudStore Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when Windows CloudStore improperly handles file Discretionary Access Control List DACL. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status. To exploit this vulnerability, an attacke...
PT-2019-3514
Name of the Vulnerable Software and Affected Versions Windows CloudStore affected versions not specified Description The issue is related to improper handling of file Discretionary Access Control List DACL by Windows CloudStore, which can lead to an elevation of privilege. This can be exploited b...
Microsoft Windows CloudStore CVE-2019-1321 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft...