CVE-2021-4411
The WP EasyPay – Square for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.2.0. This is due to missing or incorrect nonce validation on the wpepdownloadtransactioninexcel function. This makes it possible for unauthenticated attackers...
CVE-2022-43437
The parameter of the Download function in EasyTest has insufficient validation of user input. A remote attacker authenticated as a general user can inject arbitrary SQL commands to access, modify or delete database...
CVE-2022-43437
Vulnerability: EasyTest (HWA JIUH DIGITAL TECHNOLOGY LTD.) has a SQL injection in the Download function parameter due to insufficient input validation. Root cause: lack of validation enables a remote attacker with general user privileges to inject arbitrary SQL commands and access/modify/delete t...
EasyTest SQL Injection Vulnerability
EasyTest is an online learning and quiz platform from Hwa Jiuh Digital Technology (HWA JIUH DIGITAL TECHNOLOGY LTD.). A security vulnerability exists in EasyTest due to insufficient validation of user input in the parameters of its Download function, which allows a remote attacker with normal user privileges to inject arbitra...
CVE-2022-39022 e-Excellence Inc. U-Office Force - Path Traversal
U-Office Force Download function has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to download arbitrary system file...
CVE-2021-45789
An arbitrary file read vulnerability was found in Metersphere v1.15.4, where authenticated users can read any file on the server via the file download function...
MeterSphere Security Vulnerability
MeterSphere is an open-source, one-stop continuous testing platform. MeterSphere v1.15.4 contains a security vulnerability: an arbitrary file read that lets authenticated users read any file on the server through the file...
GHSA-QGRF-34HP-GHM9 OpenCart Path Traversal
OpenCart through 3.0.2.0 allows directory traversal in the editDownload function in admin\model\catalog\download.php via admin/index.php?route=catalog/download/edit, related to the downloadid. For example, an attacker can download ../../config.php...
Webmin Cross-Site Request Forgery Vulnerability
Webmin is a set of web-based system administration tools for Unix-like operating systems maintained by the Webmin community. A cross-site request forgery vulnerability exists in Webmin version 1.973, caused by missing CSRF token validation in the upload and download functions...
Path traversal
Insecure handling of a download function leads to disclosure of internal files due to path traversal with root privileges in Franklin Fueling Systems Colibri Controller Module 1.8.19.8580...
CVE-2021-46417
CVE-2021-46417 affects Franklin Fueling Systems Colibri Controller Module 1.8.19.8580. The Local File Inclusion vulnerability arises from insecure handling of a download function that allows path traversal (example: /cgi-bin/tsaupload.cgi?file_name=../../../../../..//etc/passwd). This can disclos...
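The entries above (U-Office Force, MeterSphere, OpenCart, Colibri) share one defect: a download handler joins a client-supplied file name onto a base directory and serves whatever the resulting path resolves to, so `../` segments, or a payload like the `file_name=../../../../../..//etc/passwd` shown for the Colibri module, walk out of the intended directory. The following is an added Python example, not code from any of those products: it shows the vulnerable join next to a hardened handler that resolves the path and checks containment. The directory layout, file names and contents are constructed here for the demonstration.

```python
"""Path traversal in a file-download handler: vulnerable join vs. hardened version.
Illustrative code added to this page; not taken from any of the listed products."""
import os
import tempfile


def make_demo_tree() -> str:
    """Constructed sample layout:
        <base>/www/config.php                 <- sits OUTSIDE the download root
        <base>/www/system/downloads/report.pdf <- the only file meant to be downloadable
    Returns the download root. Two '../' from the root reach config.php, mirroring the
    '../../config.php' shape quoted for OpenCart above."""
    base = tempfile.mkdtemp()
    docroot = os.path.join(base, "www", "system", "downloads")
    os.makedirs(docroot)
    with open(os.path.join(docroot, "report.pdf"), "wb") as f:
        f.write(b"%PDF-1.4 constructed demo report")
    with open(os.path.join(base, "www", "config.php"), "w") as f:
        f.write("<?php $db_password = 'secret'; ?>")  # constructed sample secret
    return docroot


def vulnerable_download(docroot: str, file_name: str) -> bytes:
    """The pattern behind the advisories: the user-controlled name is joined onto the
    root with no check. '../' escapes the root, and an absolute name such as
    '/etc/passwd' makes os.path.join discard the root entirely."""
    path = os.path.join(docroot, file_name)
    with open(path, "rb") as f:
        return f.read()


def safe_download(docroot: str, file_name: str) -> bytes:
    """Hardened handler.
    1. Reject NUL bytes and absolute names outright.
    2. Resolve BOTH the root and the candidate with realpath, so '..' segments,
       doubled slashes and symlinks are all collapsed before comparison.
    3. Use commonpath rather than startswith(): '/srv/downloads' must not accept
       '/srv/downloads_private/x'.
    4. Only regular files are served."""
    if "\x00" in file_name or os.path.isabs(file_name):
        raise PermissionError(f"rejected file name: {file_name!r}")
    root = os.path.realpath(docroot)
    target = os.path.realpath(os.path.join(root, file_name))
    if os.path.commonpath([root, target]) != root:
        raise PermissionError(f"path escapes download root: {file_name!r}")
    if not os.path.isfile(target):
        raise FileNotFoundError(file_name)
    with open(target, "rb") as f:
        return f.read()


def escapes_root(docroot: str, file_name: str) -> bool:
    """True if safe_download would refuse file_name as a traversal attempt."""
    try:
        safe_download(docroot, file_name)
    except PermissionError:
        return True
    except FileNotFoundError:
        return False
    return False


if __name__ == "__main__":
    root = make_demo_tree()
    print("legit:", vulnerable_download(root, "report.pdf")[:8])
    print("leaked:", vulnerable_download(root, "../../config.php"))
    for name in ("../../config.php", "../../../../../..//etc/passwd", "/etc/passwd"):
        print(f"hardened rejects {name!r}:", escapes_root(root, name))
```

The check that matters is the comparison of two `realpath` results; normalising only the candidate, or comparing string prefixes, leaves symlink and sibling-directory escapes open. If the application must serve files by identifier (the OpenCart `download_id` style), the stronger fix is to look the identifier up in a table and never accept a path from the client at all.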
cocoapods-downloader Command Injection Vulnerability
cocoapods-downloader is a small library for downloading files from remote sources into a folder. cocoapods-downloader versions prior to 1.6.2 have a security vulnerability caused by command injection through the hg parameter. An attacker calling the download function could...
CVE-2022-21223
The package cocoapods-downloader before 1.6.2 is vulnerable to Command Injection via hg argument injection. When the download function is called with hg, the url and/or revision, tag, or branch is passed to the hg clone command in a way that allows additional flags to be set. The additional flags can...
Command injection
The package cocoapods-downloader before 1.6.2 is vulnerable to Command Injection via hg argument injection. When the download function is called with hg, the url and/or revision, tag, or branch is passed to the hg clone command in a way that allows additional flags to be set. The additional flags can...
CVE-2022-21223 Command Injection
The package cocoapods-downloader before 1.6.2 is vulnerable to Command Injection via hg argument injection. When the download function is called with hg, the url and/or revision, tag, or branch is passed to the hg clone command in a way that allows additional flags to be set. The additional flags can...
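The three CVE-2022-21223 entries above describe argument injection: a value that the caller meant as a URL or revision is appended to the `hg clone` command line as a free-standing token, so a value beginning with `-` is parsed by hg as an option. The following is an added Python example, not cocoapods-downloader's own code; it only builds the argv and never runs hg. The option names used (`--rev`, `--branch`, `--config`, `hooks.pre-clone`) are Mercurial's, and the "attacker" value is an illustrative option-shaped string, not a payload taken from the advisory. The two mitigations shown, attaching option values with `=` and terminating option parsing with `--`, are standard getopt-style defences and are this example's choice, not necessarily the exact fix the project shipped.

```python
"""Argument injection into `hg clone`: unsafe argv construction vs. a safe one.
Illustrative code added to this page; it builds command lines and does not execute them."""


def vulnerable_hg_clone_argv(url, target, revision=None, branch=None):
    """The unsafe pattern: every user-supplied value is appended as its own token.
    hg's option parser sees '--config=...' in the url position as an option, so the
    caller's URL becomes an attacker-chosen flag (and hg hooks are shell commands)."""
    argv = ["hg", "clone", url, target]
    if revision:
        argv += ["--rev", revision]
    if branch:
        argv += ["--branch", branch]
    return argv


def safe_hg_clone_argv(url, target, revision=None, branch=None):
    """Hardened construction.
    1. No legitimate URL, revision or branch for this caller starts with '-'; reject them.
    2. Option values are attached with '=' so they cannot be re-parsed as separate flags.
    3. '--' ends option parsing; everything after it is positional however it looks."""
    for name, value in (("url", url), ("target", target),
                        ("revision", revision), ("branch", branch)):
        if value is not None and value.startswith("-"):
            raise ValueError(f"{name} looks like a command-line option: {value!r}")
    argv = ["hg", "clone"]
    if revision:
        argv.append(f"--rev={revision}")
    if branch:
        argv.append(f"--branch={branch}")
    argv += ["--", url, target]
    return argv


def user_controlled_flags(argv, user_values):
    """Which user-supplied values would hg read as options? Any of them that starts
    with '-' and appears before a '--' terminator (or anywhere, if there is none)."""
    tokens = argv[2:]
    if "--" in tokens:
        tokens = tokens[: tokens.index("--")]
    return [t for t in tokens if t in user_values and t.startswith("-")]


# Constructed, illustrative option-shaped "URL": with the unsafe builder it lands in
# argv as a flag that tells hg to treat a shell command as a pre-clone hook.
EVIL_URL = "--config=hooks.pre-clone=echo injected"
GOOD_URL = "https://hg.example.org/repo"   # hypothetical remote


if __name__ == "__main__":
    bad = vulnerable_hg_clone_argv(EVIL_URL, "Pods/Foo", revision="1.2.0")
    print("unsafe argv:", bad)
    print("user values parsed as flags:", user_controlled_flags(bad, {EVIL_URL, "1.2.0"}))
    print("safe argv:", safe_hg_clone_argv(GOOD_URL, "Pods/Foo", revision="1.2.0"))
    try:
        safe_hg_clone_argv(EVIL_URL, "Pods/Foo")
    except ValueError as e:
        print("rejected:", e)
```

Both defences are needed together: the `--` terminator protects the positional URL and target, while the `--rev=VALUE` form protects option arguments, which sit before `--` and would otherwise be split from their option if an attacker-controlled value were appended as a separate token. Rejecting leading dashes up front is the cheap third layer for values that can never legitimately start with `-`.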
Ligeo Archives Code Issue Vulnerability
Ligeo Archives is archive management software from the Ligeo Archives community in France. A security vulnerability exists in Ligeo Basics by Ligeo Archives, caused by a server-side request forgery (SSRF) flaw in Ligeo Basics. The vulnerability allows an attacker to read any document vi...
CVE-2022-0236
The WP Import Export WordPress plugin, both free and premium versions, is vulnerable to unauthenticated sensitive data disclosure due to a missing capability check on the download function wpie_process_file_download found in the /includes/classes/class-wpie-general.php file. This made it possible for...
Design/Logic Flaw
The WP Import Export WordPress plugin, both free and premium versions, is vulnerable to unauthenticated sensitive data disclosure due to a missing capability check on the download function wpie_process_file_download found in the /includes/classes/class-wpie-general.php file. This made it possible for...
CVE-2022-0236
CVE-2022-0236 affects the WordPress plugin WP Import Export (free & premium) up to version 3.9.15. The root cause is a missing capability check in the download function wpie_process_file_download (in ~/includes/classes/class-wpie-general.php), allowing unauthenticated attackers to disclose sensit...