1409 matches found
The vulnerability of the database update module of the Engineering Data and Product Lifecycle Management System LOCMAN:PLM, related to unlimited loading of dangerous type files, allows a perpetrator to execute arbitrary code.
The vulnerability of the database update module of the LOCsman:PLM engineering data and product lifecycle management system is related to the unlimited loading of dangerous files. Exploiting this vulnerability can allow attackers to execute arbitrary code by replacing the wsock32.dll library with...
The vulnerability of the database update module of the WorkFlow system in the Engineering Data Management and Product Lifecycle Management system LOCMAN:PLM lies in the possibility of unlimited loading of dangerous files, allowing attackers to execute arbitrary code.
The vulnerability of the database update module of the LOCsman:PLM engineering data and product lifecycle management system is related to the unlimited loading of dangerous files. Exploiting this vulnerability can allow an attacker to execute arbitrary code by replacing the dll library version.dl...
The vulnerability of the update display module of the engineering data management system and the product lifecycle management system LOCMAN, related to unlimited loading of dangerous type files, allows a perpetrator to execute arbitrary code.
The vulnerability of the update display module of the engineering data management and product lifecycle management system LOCsMAN:PLM is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows an attacker to execute arbitrary code by replacing the dll library e.g...
The vulnerability of the database update module of the Engineering Data and Product Lifecycle Management System LOCMAN:PLM, related to unlimited loading of dangerous type files, allows a perpetrator to execute arbitrary code.
The vulnerability of the Active Business Process Automation Module of LOCsMAN WorkFlow Audit Service is related to the unlimited loading of dangerous files. Exploiting this vulnerability can allow attackers to execute arbitrary code by replacing the dll library e.g., msimg32.dll in the...
CVE-2021-29092
Unrestricted upload of file with dangerous type vulnerability in file management component in Synology Photo Station before 6.8.14-3500 allows remote authenticated users to execute arbitrary code via unspecified vectors...
CVE-2021-29092
Unrestricted upload of file with dangerous type vulnerability in file management component in Synology Photo Station before 6.8.14-3500 allows remote authenticated users to execute arbitrary code via unspecified vectors...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Tomcat
PoC exploit for CVE-2017-12617, CVE-2017-12618, CVE-2017-12619, CVE-2017-12620, CVE-2017-12621, CVE-2017-12622, CVE-2017-12623, CVE-2017-12624, CVE-2017-12625, CVE-2017-12626, CVE-2017-12627, CVE-2017-12628, CVE-2017-12629, CVE-2017-12630, CVE-2017-12631, CVE-2017-12632, CVE-2017-12633,...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Tomcat
PoC exploit for CVE-2017-12617, CVE-2017-12618, CVE-2017-12619, CVE-2017-12620, CVE-2017-12621, CVE-2017-12622, CVE-2017-12623, CVE-2017-12624, CVE-2017-12625, CVE-2017-12626, CVE-2017-12627, CVE-2017-12628, CVE-2017-12629, CVE-2017-12630, CVE-2017-12631, CVE-2017-12632, CVE-2017-12633,...
VulnCheck KEV: CVE-2021-20022
SonicWall Email Security contains an unrestricted upload of file with dangerous type vulnerability that allows a post-authenticated attacker to upload a file to the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20021 and...
NOKIA NetAct 18A 代码问题漏洞
NOKIA NetAct 18A is an application system from Nokia Finland. It provides best-in-class applications to enable seamless day-to-day network operations, including configuration management, monitoring and software management. A security vulnerability exists in Nokia NetAct 18A, which can be exploite...
The vulnerability of the rebuildAggregateFrames function in the library for reading and modifying metadata in audio files from TagLib allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the rebuildAggregateFrames function in the library for reading and modifying metadata in audio files from TagLib is related to the unlimited loading of dangerous files. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its...
PT-2021-3982 · WordPress · Woocommerce Stock Manager
Name of the Vulnerable Software and Affected Versions: WooCommerce Stock Manager versions up to, and including, 2.5.7 Description: The issue is related to the implementation of the import/export functionality in the WooCommerce Stock Manager plugin for WordPress, specifically in the...
CVE-2021-22697
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed...
Design/Logic Flaw
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed...
Telegram Desktop <= 2.1.13 Protection Mechanism Bypass Vulnerability - Windows
Telegram Desktop is prone to a protection mechanism bypass vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Tomcat
No description...
Unrestricted file upload
Concrete5 up to and including 8.5.2 allows Unrestricted Upload of File with Dangerous Type such as a .php file via File Manager. It is possible to modify site configuration to upload the PHP file and execute arbitrary commands...
DEBIAN-CVE-2020-17448
Telegram Desktop through 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Execution protection mechanism, as demonstrated by use of the chat window with a filename that lacks an extension...
CVE-2020-17448
Telegram Desktop through 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Execution protection mechanism, as demonstrated by use of the chat window with a filename that lacks an extension...
CVE-2020-11476
Concrete5 before 8.5.3 allows Unrestricted Upload of File with Dangerous Type such as a .phar file...