Command injection
A command injection vulnerability exists in the download and convert report feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...
PT-2023-4159
Name of the Vulnerable Software and Affected Versions: Webmin version 2.021. Description: An issue was discovered in the download functionality, allowing an attacker to exploit a Cross-Site Scripting (XSS) vulnerability. By providing a crafted download path containing a malicious payload, an attacke...
Webmin Cross-Site Scripting Vulnerability
Webmin is a set of Web-based system administration tools for Unix-like operating systems from the Webmin community. A security vulnerability exists in Webmin version 2.021, which stems from a download feature that allows an attacker to exploit a cross-site scripting (XSS) vulnerability. By providin...
FortiADC - Improper input validation in download features
Multiple improper input validation vulnerabilities (CWE-20) may allow an authenticated attacker to retrieve files with specific extensions from the underlying Linux system via crafted HTTP requests...
e-Excellence U-Office Force Path Traversal Vulnerability
e-Excellence U-Office Force is an e-Office platform from China's First Class Technology e-Excellence. U-Office Force suffers from a path traversal vulnerability, which arises from its download feature that allows a remote attacker with common privileges to traverse the path and download arbitrary...
CVE-2021-32158
CVE-2021-32158 is an XSS vulnerability in Webmin 1.973 exploited via the Upload and Download feature. The issue stems from insufficient input filtering/escaping of user-supplied parameters in that function, enabling script execution in the client context. The CVE is corroborated by multiple sourc...
Server-Side Request Forgery (SSRF)
Ligeo Archives Ligeo Basics as of 0201-2022 is vulnerable to Server-Side Request Forgery (SSRF), which allows an attacker to read any documents via the download features...
Tibco Data Virtualization Information Disclosure Vulnerability
Tibco Data Virtualization is a data virtualization platform from Tibco, USA. An information disclosure vulnerability exists in TIBCO Data Virtualization Server because the product does not add permission restrictions to the file download feature. The vulnerability can be exploited to download...
Server-Side Request Forgery (SSRF)
Overview: Affected versions of this package are vulnerable to Server-Side Request Forgery (SSRF) via the download feature. This allows attackers to provide DNS entries or IP addresses that are intended for internal use and gather information about the Intranet infrastructure of the platform...
UBUNTU-CVE-2021-21288
CarrierWave is an open-source RubyGem which provides a simple and flexible way to upload files from Ruby applications. In CarrierWave before versions 1.3.2 and 2.1.1 the download feature has an SSRF vulnerability, allowing attackers to provide DNS entries or IP addresses that are intended for...
CVE-2021-21288
CarrierWave is an open-source RubyGem which provides a simple and flexible way to upload files from Ruby applications. In CarrierWave before versions 1.3.2 and 2.1.1 the download feature has an SSRF vulnerability, allowing attackers to provide DNS entries or IP addresses that are intended for...
Design/Logic Flaw
CarrierWave is an open-source RubyGem which provides a simple and flexible way to upload files from Ruby applications. In CarrierWave before versions 1.3.2 and 2.1.1 the download feature has an SSRF vulnerability, allowing attackers to provide DNS entries or IP addresses that are intended for...
CVE-2020-15662
A rogue webpage could override the injected WKUserScript used by the download feature; this exploit could result in the user downloading an unintended file. This vulnerability affects Firefox for iOS 28...
Chaturbate: CSV Injection with the CSV export feature
Hi there, hope you are well. The "Download as a CSV" feature of does not properly "escape" fields, so that particular field is vulnerable to CSV injection. Steps of POC: Step 1: Go to any chat room and donate any token to some and in the note insert =4+4. Step 2: Now go to this link and download...
AWSBucketDump - Security Tool to Look For Interesting Files in S3 Buckets
AWSBucketDump is a tool to quickly enumerate AWS S3 buckets to look for loot. It's similar to a subdomain bruteforcer but is made specifically for S3 buckets and also has some extra features that allow you to grep for delicious files as well as download interesting files if you're not afraid to...
Security Bypass Vulnerabilities in Multiple Game Engine Products
ioquake3 and others are open source, free, cross-platform Quake 3-based FPS game engines. A security vulnerability exists in the auto-downloading feature in several game engine products, which stems from the program's failure to adequately restrict content. An attacker can exploit the vulnerabili...
Directory traversal
Directory traversal vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to read arbitrary files via unspecified vectors...
CVE-2014-0820
CVE-2014-0820 describes a directory traversal vulnerability in Cybozu Garoon’s download feature. Affected versions are Garoon 2.x up to 2.5.4 and 3.x up to 3.7 SP3. The issue allows remote authenticated users to read arbitrary server files via unspecified vectors. The connected documents indicate...