CVE-2024-0949
CVE-2024-0949 affects Talya Informatics' Elektraweb prior to 17.0.68. The issue is described as Missing Authentication and Use of Hard-coded Credentials that enables Authentication Bypass due to improper access control, potentially exposing files/directories externally and impacting confidentiali...
PT-2024-5251
Name of the Vulnerable Software and Affected Versions: Telegram for Android versions 10.14.4 and older; Telegram for Android version 11.7.4. Description: The issue is related to the incorrect handling of file extensions in received files, allowing an attacker to send malicious apps disguised as video...
Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar
WinRAR Vulnerability Description CVE-2023-38831 There...
Quick Cart 6.7 Shell Upload Vulnerability
Quick Cart version 6.7 suffers from a remote shell upload vulnerability provided you have administrative privileges. Title : Authenticated Remote Code Execution & Shell Upload Product : Quick Cart Vendor : https://opensolution.org/ Affected Version : 6.7 Researcher : Eagle Eye Tested on : Windows ...
Quick Cart 6.7 Shell Upload
Title : Authenticated Remote Code Execution & Shell Upload Product : Quick Cart Vendor : https://opensolution.org/ Affected Version : 6.7 Researcher : Eagle Eye Tested on : Windows & Linux Date : 11/06/2024 Affected path : admin.php , core/common-admin.php, database/config.php Affected function :...
CVE-2024-5692
On Windows 10, when using the 'Save As' functionality, an attacker could have tricked the browser into saving the file with a disallowed extension such as .url by including an invalid character in the extension. Note: This issue only affected Windows operating systems. Other operating systems are...
CVE-2024-5692
The CVE-2024-5692 entry affects Mozilla Firefox and Thunderbird on Windows 10, where the Save As flow could bypass filename extension restrictions by including an invalid character in the extension, enabling saving with a disallowed extension like .url. Connected Mozilla advisories (MFSA) corrobo...
GHSA-G7HW-JH4P-75WR TYPO3 Cross-Site Scripting in Filelist Module
It has been discovered that the output table listing in the 'Files' backend module is vulnerable to cross-site scripting when a file extension contains malicious sequences. Access to the file system of the server - either directly or through synchronization - is required to exploit the...
CVE-2024-5278
CVE-2024-5278 affects gaizhenbiao/chuanhuchatgpt. A vulnerability in the /upload endpoint allows unrestricted file uploads because handle_file_upload does not sanitize or validate file extensions or content types, enabling upload of HTML or Python files. This can lead to stored XSS and potentiall...
Insecure Deserialization & Arbitrary Code Execution in TYPO3 CMS
Phar files, formerly known as "PHP archives", can act as self-extracting archives, which means that source code is executed when Phar files are invoked. The Phar file format is not limited to a dedicated file extension - "bundle.phar" would be valid as well as "bundle.txt...
CVE-2024-32871 Pimcore Vulnerable to Flooding Server with Thumbnail files
Pimcore is an Open Source Data & Experience Management Platform. The Pimcore thumbnail generation can be used to flood the server with large files. By changing the file extension or scaling factor of the requested thumbnail, attackers can create files that are much larger in file size than the...
GHSA-6XWF-7RFM-4GWC TYPO3 Cross-Site Scripting in Filelist Module
It has been discovered that the output table listing in the 'Files' backend module is vulnerable to cross-site scripting when a file extension contains malicious sequences. Access to the file system of the server - either directly or through synchronization - is required to exploit the...
GHSA-F9HR-7CFQ-MJG2 TYPO3 Arbitrary Code Execution via File List Module
Due to missing file extensions in $GLOBALS['TYPO3_CONF_VARS']['BE']['fileDenyPattern'], backend users are allowed to upload .phar, .shtml, .pl or .cgi files which can be executed in certain web server setups. A valid backend user account is needed in order to exploit this vulnerability. Derivatives of...
D-Link DAR-7000-40 Command Execution Vulnerability
The D-Link DAR-7000-40 is an Internet Behavior Audit Gateway from China AUO D-Link. The D-Link DAR-7000-40 suffers from a command execution vulnerability, which is caused by incorrect validation of file extensions in the interface/sysmanage/license authorization.php script. An attacker can exploi...
PT-2024-25947 · Unknown · Xlang Openagents
Name of the Vulnerable Software and Affected Versions: XLANG OpenAgents versions through fe73ac4 Description: The allowed file protection mechanism can be bypassed by using an incorrect file extension for the nature of the file content. Recommendations: For versions through fe73ac4, consider...
CVE-2024-34524
OpenAgents (XLANG) prior to/through commit fe73ac4 contains a vulnerability in the allowed_file protection mechanism that can be bypassed by uploading content with an incorrect file extension for the content type. The issue affects Software OpenAgents as described by multiple sources (Red Hat, NV...
CVE-2024-34524
In XLANG OpenAgents through fe73ac4, the allowed_file protection mechanism can be bypassed by using an incorrect file extension for the nature of the file content...
PT-2024-27265 · Opengnsys · Opengnsys
Name of the Vulnerable Software and Affected Versions: OpenGnsys version 1.1.1d Espeto Description: The issue allows an attacker to send a POST request to the endpoint '/opengnsys/images/M Icons.php' and modify the file extension due to a lack of file extension verification. This results in a...
CVE-2024-31214
Traccar is an open source GPS tracking system. Traccar versions 5.1 through 5.12 allow arbitrary files to be uploaded through the device image upload API. Attackers have full control over the file contents, full control over the directory where the file is stored, full control over the file...