1015 matches found
CVE-2023-6601
A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file extensions...
CVE-2024-56828
CVE-2024-56828 affects ChestnutCMS up to 1.5.0. The /api/member/avatar endpoint accepts a base64 data URL, decodes the payload via the service’s uploadAvatarByBase64, and derives a file suffix from the encoded content (substring from the 11th character to the first semicolon). The decoded data is...
Microsoft Edge File Extension Spoofing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Microsoft...
Chamilo v1.11.24 Unrestricted File Upload PHP Webshell
Chamilo LMS is a free software e-learning and content management system. In versions prior to use exploit/linux/http/chamilobiguploadwebshell msf exploitchamilobiguploadwebshell show targets ...targets... msf exploitchamilobiguploadwebshell set TARGET msf exploitchamilobiguploadwebshell show...
PT-2024-15022 · FFmpeg +1 · Ffmpeg +1
Name of the Vulnerable Software and Affected Versions: FFmpeg affected versions not specified Description: A flaw was found in FFmpeg's HLS demuxer, allowing bypassing of unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file...
ProjectSend r1295 - r1605 Unauthenticated Remote Code Execution
This module exploits an improper authorization vulnerability in ProjectSend versions r1295 through r1605. The vulnerability allows an unauthenticated attacker to obtain remote code execution by enabling user registration, disabling the whitelist of allowed file extensions, and uploading a malicio...
PT-2024-34372 · Unopim · Unopim
Name of the Vulnerable Software and Affected Versions: UnoPim versions 0.1.3 and below Description: The issue is related to Cross Site Scripting XSS in the Create User function, allowing attackers to perform XSS via an SVG document. This can be used to steal cookies. The vulnerability is exploite...
Operately 安全漏洞
Operately is an open source company management system from Operately, Inc. A security vulnerability exists in Operately version v.0.1.0, which stems from an unrestricted file upload issue that allows a privileged user to remotely execute code by uploading and executing malicious files without...
CVE-2024-7962 Arbitrary File Read via Insufficient Validation in gaizhenbiao/chuanhuchatgpt
An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to insufficient validation when loading prompt template files. An attacker can read any file that matches specific criteria using an absolute path. The file must not have a .json extension and, except f...
CVE-2024-6049
The web server of Lawo AG vsm LTC Time Sync vTimeSync is affected by a "..." triple dot path traversal vulnerability. By sending a specially crafted HTTP request, an unauthenticated remote attacker could download arbitrary files from the operating system. As a limitation, the exploitation is only...
CVE-2024-6049
The CVE-2024-6049 issue affects Lawo AG vsm LTC Time Sync (vTimeSync) Web server. A triple-dot path traversal vulnerability allows unauthenticated attackers to download arbitrary OS files via crafted HTTP requests, with exploitation possible only when a file extension is requested (e.g., .exe, .t...
CVE-2024-6049 Unauthenticated Path Traversal
The web server of Lawo AG vsm LTC Time Sync vTimeSync is affected by a "..." triple dot path traversal vulnerability. By sending a specially crafted HTTP request, an unauthenticated remote attacker could download arbitrary files from the operating system. As a limitation, the exploitation is only...
Unspecified Vulnerability in Mozilla Firefox (CNVD-2024-44471)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in versions of Mozilla Firefox prior to 131, which stems from the fact that a specially crafted filename containing a large number of spaces may obscure the file's...
CVE-2024-9395
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: A specially crafted filename containing a large number of spaces could obscure the file's extension when displayed in the download dialog...
CVE-2024-9395
A specially crafted filename containing a large number of spaces could obscure the file's extension when displayed in the download dialog. This bug only affects Firefox for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox 131...
CVE-2024-9395
A specially crafted filename containing a large number of spaces could obscure the file's extension when displayed in the download dialog. This bug only affects Firefox for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox 131...
CVE-2024-9395
A specially crafted filename containing a large number of spaces could obscure the file's extension when displayed in the download dialog. This bug only affects Firefox for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox 131...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in versions of Mozilla Firefox prior to 131, which stems from the fact that a specially crafted filename containing a large number of spaces may obscure the file's...
CVE-2024-47531
Scout is a web-based visualizer for VCF-files. Due to the lack of sanitization in the filename, it is possible bypass intended file extension and make users download malicious files with any extension. With malicious content injected inside the file data and users unknowingly downloading it and...
CVE-2024-47531 Scout contains insufficient output escaping of attachment names
Scout is a web-based visualizer for VCF-files. Due to the lack of sanitization in the filename, it is possible bypass intended file extension and make users download malicious files with any extension. With malicious content injected inside the file data and users unknowingly downloading it and...