1409 matches found
Internet Bug Bounty: Uncovering file quarantine and UX security issues in macOS apps ( .terminal, .fileloc and .url)
Slides : https://docs.google.com/presentation/d/19WeQbqcOKnrSv1I3Z4sm-oNAf6IVzHwRyQP4i9BvY/editslide=id.g758ad3e04223231 See Blogpost for more details - https://medium.com/@metnew/exploiting-popular-macos-apps-with-a-single-terminal-file-f6c2efdfedaa Summary Popular macOS apps with a file-sharing...
: Pydio Cells 2.04 Multiple Vulnerabilities
1. Advisory Information Title : Pydio Cells 2.04 Multiple Vulnerabilities Advisory ID : CORE-2020-0007 Advisory URL : https://www.coresecurity.com/core-labs/advisories/pydio-cells-204-multiple-vulnerabilities Date published : 2020-05-28 Date of last update : 2020-05-28 Vendors contacted : Pydio...
CVE-2020-11807
Because of Unrestricted Upload of a File with a Dangerous Type, Sourcefabric Newscoop 4.4.7 allows an authenticated user to execute arbitrary PHP code and sometimes terminal commands on a server by making an avatar update and then visiting the avatar file under the /images/ path...
The vulnerability of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server lies in their susceptibility to unlimited loading of dangerous files, allowing attackers to execute arbitrary code.
The vulnerability of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server relates to the unlimited loading of dangerous files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading a specially created package...
class.upload.php in verot.net omits .pht from the set of dangerous file extensions
class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576...
GHSA-2GC7-W4HW-RR2M class.upload.php in verot.net omits .pht from the set of dangerous file extensions
class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576...
Remote code execution in verot/class.upload.php
class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions...
GHSA-R5GM-4P5W-PQ2P Remote code execution in verot/class.upload.php
class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions...
The vulnerability of the cwpsrv-xxx cookie file in the CentOS Web Panel application allows a hacker to elevate their privileges to the root level.
The vulnerability of the cwpsrv-xxx cookie file in the CentOS Web Panel application management server application is related to the unlimited download of dangerous files. Exploiting this vulnerability could allow a malicious actor to elevate their privileges to the root level remotely...
CVE-2020-5514
Gila CMS 1.11.8 allows Unrestricted Upload of a File with a Dangerous Type via .phar or .phtml to the lzld/thumb?src= URI...
CVE-2019-19634
class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576...
CVE-2019-19634
class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576...
CVE-2019-19634
CVE-2019-19634 affects verot.net class.upload.php up to version 2.0.4 (and 1.0.3 in some builds) used in Joomla! K2 extension; it omits .pht from dangerous extensions, enabling arbitrary file upload and remote code execution. An exploit/POC demonstrates obtaining a shell via a crafted image uploa...
CVE-2019-19576
class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions...
CVE-2019-12271
Sandline Centraleyezer On Premises allows unrestricted File Upload with a dangerous type, because the feature of adding ".jpg" to any uploaded filename is not enforced on the server side...
Centraleyezer File Upload Vulnerability
Centraleyezer is a vulnerability tracking and management platform. The platform is used for vulnerability reporting, prioritization, escalation and tracking of vulnerabilities. A security vulnerability exists in Centraleyezer. An attacker can exploit the vulnerability to upload dangerous types of...
CVE-2019-17536
Gila CMS through 1.11.4 allows Unrestricted Upload of a File with a Dangerous Type via the moveAction function in core/controllers/fm.php. The attacker needs to use admin/mediaupload and fm/move...
CVE-2019-11655
Unrestricted file upload vulnerability in Micro Focus ArcSight Logger, version 6.7.0 and later. This vulnerability could allow Unrestricted Upload of File with Dangerous type...
CVE-2019-6839
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in U.motion Server MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15, which could allow a...
CVE-2019-14755
The profile photo upload feature in Leaf Admin 61.9.0212.10 f allows Unrestricted Upload of a File with a Dangerous Type...