4651 matches found
jenkins-2-plugins/config-file-provider: Does not perform permission checks in several HTTP endpoints.
A flaw was found in the config-file-provider Jenkins plugin. The plugin does not perform permission checks in several HTTP endpoints; as a consequence, an attacker with Overall/Read permission is allowed to enumerate configuration file IDs...
U.S. Dept Of Defense: Path traversal on [███]
Summary: The web application hosted on the "███████" domain is affected by a path traversal vulnerability that could permit an attacker to include arbitrary files that are outside of the restricted directory. Description: The affected handler is the "█████". This handler receives, through the...
CVE-2021-30461
A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61. When the recheck option is used, the user-supplied SPOOLDIR value (which might contain PHP code) is injected into config/configuration.php...
CVE-2021-29507
GENIVI Diagnostic Log and Trace (DLT) provides a log and trace interface. In versions of GENIVI DLT between 2.10.0 and 2.18.6, a configuration file containing special characters could cause a vulnerable component to crash. All the applications which are using the configuration file could fail t...
Information disclosure
GENIVI Diagnostic Log and Trace (DLT) provides a log and trace interface. In versions of GENIVI DLT between 2.10.0 and 2.18.6, a configuration file containing special characters could cause a vulnerable component to crash. All the applications which are using the configuration file could fail t...
CVE-2021-29507 dlt-daemon could crash if there is special character in dlt.conf
GENIVI Diagnostic Log and Trace (DLT) provides a log and trace interface. In versions of GENIVI DLT between 2.10.0 and 2.18.6, a configuration file containing special characters could cause a vulnerable component to crash. All the applications which are using the configuration file could fail t...
CVE-2021-29507
CVE-2021-29507 affects GENIVI Diagnostic Log and Trace (DLT) versions 2.10.0–2.18.6. The vulnerability arises when a configuration file contains special characters, causing a vulnerable component to crash and preventing applications from generating DLT logs. As documented, there was no patch at publi...
Logic Flaw Vulnerability in CareyShop of Ningbo Humen Technology Co.
CareyShop is a high-performance open source mall framework system developed on the ThinkPHP framework. Ningbo Humen Technology Co.'s CareyShop has a logic flaw vulnerability that can be exploited by an attacker to read the database configuration file...
Privilege Escalation
github.com/cloudflare/cloudflared is vulnerable to privilege escalation. The way cloudflared reads its configuration file from C:\etc as the default directory allows an attacker-controlled log file location to be set via a malformed config.yaml file to escalate privileges and execute system-level...
GHSA-HGWP-4VP4-QMM2 Local Privilege Escalation in cloudflared
In cloudflared versions 2020.8.1 (corresponding to 0.0.0-20200820025921-9323844ea773 on pkg.go.dev) on Windows, if an administrator has started cloudflared and set it to read configuration files from a certain directory, an unprivileged user can exploit a misconfiguration in order to escalate...
CVE-2021-24307
The All in One SEO – Best WordPress SEO Plugin – Easily Improve Your SEO Rankings before 4.1.0.2 enables authenticated users with the "aioseotoolssettings" privilege (most of the time admin) to execute arbitrary code on the underlying host. Users can restore the plugin's configuration by uploading a backup...
CVE-2020-35580
A local file inclusion vulnerability in the FileServlet in all SearchBlox before 9.2.2 allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet/FileServlet?col=url= request. Additionally, this may be used to read the contents of the SearchBl...
CVE-2020-35580
Summary: CVE-2020-35580 is a local file inclusion vulnerability in the SearchBlox FileServlet (versions before 9.2.2). The issue allows remote, unauthenticated attackers to read arbitrary files from the OS (via /searchblox/servlet/FileServlet?col=url=) and may expose the SearchBlox configuration ...
cPanel cross-site scripting vulnerability (CNVD-2021-31749)
cPanel is a web-based automated colocation platform from cPanel, Inc. in the United States. The platform is primarily used to automate the management of websites and servers. A cross-site scripting vulnerability exists in cPanel versions prior to 94.0.3. The vulnerability stems from saving...
sympa -- Inappropriate use of the cookie parameter can be a security threat. This parameter may also not provide sufficient security.
Earlier versions of Sympa require a parameter named cookie in the sympa.conf configuration file. This parameter was used to make some identifiers generated by the system unpredictable. For example, it was used as follows: as a salt to encrypt passwords stored in the database by the RC4...