4649 matches found

Github Security Blog
added 2018/12/19 7:25 p.m., 20 views

XXL-CONF Path Traversal vulnerability

An issue was discovered in XXL-CONF 1.6.0. There is a path traversal vulnerability via ../ in the keys parameter that can download any configuration file, related to ConfController.java and PropUtil.java...

7.5 CVSS, 7.2 AI score, 0.0039 EPSS
Exploits: 1, References: 4, Affected Software: 1

OSV
added 2018/12/19 7:25 p.m., 15 views

GHSA-8J39-FGFP-VXH8 XXL-CONF Path Traversal vulnerability

An issue was discovered in XXL-CONF 1.6.0. There is a path traversal vulnerability via ../ in the keys parameter that can download any configuration file, related to ConfController.java and PropUtil.java...

7.5 CVSS, 7.4 AI score, 0.0039 EPSS
Exploits: 1, References: 4

RedhatCVE
added 2018/12/14 2:19 a.m., 26 views

CVE-2018-16873

In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not ...

8.1 CVSS, 0.8 AI score, 0.56804 EPSS
Exploits: 0, References: 2

CNVD
added 2018/12/14 12:00 a.m., 1 view

Multiple Siemens Products Protection Mechanism Failure Vulnerability

Siemens SINUMERIK 808D and others are CNC machine tool system controllers made by the German company Siemens. A security vulnerability exists in the Siemens SINUMERIK CNC controller. A local attacker can exploit this vulnerability by modifying a user-writable configuration file to execute code with...

7.8 CVSS, 7.1 AI score, 0.00043 EPSS
Exploits: 0, References: 1

Veracode
added 2018/12/13 5:44 a.m., 13 views

Directory Traversal

xxl-conf-core is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of sanitization on the value of pathname, allowing the download of any configuration file using the ../ characters...

7.5 CVSS, 7.4 AI score, 0.0039 EPSS
Exploits: 1, References: 1, Affected Software: 1

NVD
added 2018/12/12 4:29 p.m., 13 views

CVE-2018-11459

A vulnerability has been identified in SINUMERIK 808D V4.7 All versions, SINUMERIK 808D V4.8 All versions, SINUMERIK 828D V4.7 All versions V4.7 SP6 HF1, SINUMERIK 840D sl V4.7 All versions V4.7 SP6 HF5, SINUMERIK 840D sl V4.8 All versions V4.8 SP3. A local attacker could modify a user-writeable...

7.8 CVSS, 8 AI score, 0.00043 EPSS
Exploits: 0, References: 2

OSV
added 2018/12/12 4:29 p.m., 2 views

CVE-2018-11459

A vulnerability has been identified in SINUMERIK 808D V4.7 All versions, SINUMERIK 808D V4.8 All versions, SINUMERIK 828D V4.7 All versions V4.7 SP6 HF1, SINUMERIK 840D sl V4.7 All versions V4.7 SP6 HF5, SINUMERIK 840D sl V4.8 All versions V4.8 SP3. A local attacker could modify a user-writeable...

7.8 CVSS, 5.7 AI score, 0.00043 EPSS
Exploits: 0, References: 2

CVE
added 2018/12/12 4:00 p.m., 64 views

CVE-2018-11459

Siemens SINUMERIK controllers are affected: SINUMERIK 808D v4.7/all versions and v4.8, SINUMERIK 828D v4.7, and SINUMERIK 840D sl v4.7/v4.8 (specific sub-versions). Root cause: attacker-modifiable, user-writeable configuration files can be reloaded after reboot or manual start, causing attacker-c...

7.8 CVSS, 7.3 AI score, 0.00043 EPSS
Exploits: 0, References: 2, Affected Software: 1

Prion
added 2018/12/12 10:29 a.m., 10 views

Path traversal

An issue was discovered in XXL-CONF 1.6.0. There is a path traversal vulnerability via ../ in the keys parameter that can download any configuration file, related to ConfController.java and PropUtil.java...

5 CVSS, 7.5 AI score, 0.0039 EPSS
Exploits: 1, References: 1, Affected Software: 1

OSV
added 2018/12/12 10:29 a.m., 10 views

CVE-2018-20094

An issue was discovered in XXL-CONF 1.6.0. There is a path traversal vulnerability via ../ in the keys parameter that can download any configuration file, related to ConfController.java and PropUtil.java...

7.5 CVSS, 6.8 AI score
Exploits: 0, References: 1

NVD
added 2018/12/12 10:29 a.m., 10 views

CVE-2018-20094

An issue was discovered in XXL-CONF 1.6.0. There is a path traversal vulnerability via ../ in the keys parameter that can download any configuration file, related to ConfController.java and PropUtil.java...

7.5 CVSS, 7.5 AI score, 0.0039 EPSS
Exploits: 1, References: 1

Cvelist
added 2018/12/12 8:00 a.m., 9 views

CVE-2018-20094

An issue was discovered in XXL-CONF 1.6.0. There is a path traversal vulnerability via ../ in the keys parameter that can download any configuration file, related to ConfController.java and PropUtil.java...

7.5 AI score, 0.0039 EPSS
Exploits: 1, References: 1

CVE
added 2018/12/12 8:00 a.m., 54 views

CVE-2018-20094

CVE-2018-20094 affects XXL-CONF 1.6.0 via a path-traversal flaw in the keys parameter that can download arbitrary configuration files. The root cause is described as insufficient validation in ConfController.java and PropUtil.java, enabling an attacker to access sensitive configuration data. The ...

7.5 CVSS, 7.4 AI score, 0.0039 EPSS
Exploits: 1, References: 1, Affected Software: 1

CNVD
added 2018/12/06 12:00 a.m., 1 view

SolarWinds SFTP Insecure Password Storage Vulnerability

SolarWinds SFTP is an FTP service program. An insecure password storage vulnerability exists in SolarWinds SFTP. The vulnerability is due to the configuration file being globally readable and writable and storing user passwords in an insecure manner, allowing an attacker to determine passwords fo...

9.8 CVSS, 9.6 AI score, 0.00347 EPSS
Exploits: 0, References: 1

NVD
added 2018/12/05 10:29 p.m., 15 views

CVE-2018-16792

SolarWinds SFTP/SCP server through 2018-09-10 is vulnerable to XXE via a world readable and writable configuration file that allows an attacker to exfiltrate data...

9.1 CVSS, 9.1 AI score, 0.00397 EPSS
Exploits: 0, References: 1

Prion
added 2018/12/05 10:29 p.m., 12 views

Design/Logic Flaw

In SolarWinds SFTP/SCP Server through 2018-09-10, the configuration file is world readable and writable, and stores user passwords in an insecure manner, allowing an attacker to determine passwords for potentially privileged accounts. This also grants the attacker an ability to backdoor the serve...

5 CVSS, 9.2 AI score, 0.00347 EPSS
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2018/12/05 10:00 p.m., 9 views

CVE-2018-16792

SolarWinds SFTP/SCP server through 2018-09-10 is vulnerable to XXE via a world readable and writable configuration file that allows an attacker to exfiltrate data...

9.1 AI score, 0.00397 EPSS
Exploits: 0, References: 1

CNVD
added 2018/12/03 12:00 a.m., 1 view

Code Execution Vulnerability in Tianmu MVC Website Management System Home Edition

Tianmu MVC website management system is a professional PHP + MySQL product developed by Pizhou Tianmu Network Technology Co., Ltd. It uses an independent MVC framework and is an open source MVC system suitable for large, small and medium-sized enterprises. Tianmu MVC website management system Home...

7.9 AI score
Exploits: 0

OSV
added 2018/11/26 3:29 a.m., 1 view

CVE-2018-19537

TP-Link Archer C5 devices through V2160201US allow remote command execution via shell metacharacters on the wandynhostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. The default password of admin ma...

7.2 CVSS, 5.9 AI score, 0.19618 EPSS
Exploits: 1, References: 1

NVD
added 2018/11/26 3:29 a.m., 14 views

CVE-2018-19537

TP-Link Archer C5 devices through V2160201US allow remote command execution via shell metacharacters on the wandynhostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. The default password of admin ma...

9 CVSS, 7.3 AI score, 0.19618 EPSS
Exploits: 1, References: 1