1026 matches found

Github Security Blog
added 2022/12/07 6:30 p.m., 15 views

Echo vulnerable to directory traversal

Due to improper sanitization of user input on Windows, the static file handler allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read...

CVSS 5.3, AI score 5.3, EPSS 0.00295
Exploits: 1, References: 5, Affected Software: 1

NVD
added 2022/12/07 5:15 p.m., 9 views

CVE-2020-36565

Due to improper sanitization of user input on Windows, the static file handler allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read...

CVSS 5.3, EPSS 0.00295
Exploits: 1, References: 3

OSV
added 2022/12/07 5:15 p.m., 0 views

UBUNTU-CVE-2020-36565

Due to improper sanitization of user input on Windows, the static file handler allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read...

CVSS 5.3, AI score 5.8, EPSS 0.00295
Exploits: 1, References: 5

CNNVD
added 2022/12/07 12:0 a.m., 1 views

labstack echo path traversal vulnerability

labstack echo is a high-performance, minimalist Go web framework. A security vulnerability exists in versions of labstack echo prior to v4.1.18-0.20201215153152-4422e3b66b9f; it stems from improper sanitization of user input on Windows, where the static file handler allows for directory...

CVSS 5.3, AI score 5.7, EPSS 0.00295
Exploits: 1, References: 4

NVD
added 2022/12/01 8:15 a.m., 15 views

CVE-2022-4246

A vulnerability classified as problematic has been found in Kakao PotPlayer. This affects an unknown part of the component MID File Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. T...

CVSS 7.5, EPSS 0.00347
Exploits: 0, References: 3

Prion
added 2022/12/01 8:15 a.m., 21 views

Design/Logic Flaw

A vulnerability classified as problematic has been found in Kakao PotPlayer. This affects an unknown part of the component MID File Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. T...

CVSS 5, AI score 7.5, EPSS 0.00347
Exploits: 0, References: 3

CNNVD
added 2022/12/01 12:0 a.m., 1 views

Kakao PotPlayer security vulnerability

Kakao PotPlayer is a lightweight media player from Korea's Kakao Corporation that supports multiple formats. A security vulnerability exists in Kakao PotPlayer that stems from a problem in an unknown portion of the component MID File Handler, which could lead to a denial of service...

CVSS 7.5, AI score 7.2, EPSS 0.00347
Exploits: 0, References: 4

CVE
added 2022/12/01 12:0 a.m., 72 views

CVE-2022-4246

CVE-2022-4246 affects Kakao PotPlayer, specifically an unknown portion of the MID File Handler. The available documents report a denial-of-service condition that can be triggered remotely and note that the exploit has been disclosed publicly. No concrete affected versions or remediation are provi...

CVSS 7.5, AI score 5.9, EPSS 0.00347
Exploits: 0, References: 3, Affected Software: 1

Positive Technologies
added 2022/12/01 12:0 a.m., 2 views

PT-2022-26443 · Kakao · Kakao Potplayer

Name of the Vulnerable Software and Affected Versions: Kakao PotPlayer (affected versions not specified). Description: A problematic issue has been found in the MID File Handler component of Kakao PotPlayer, leading to denial of service. The manipulation can be initiated remotely. The exploit has be...

CVSS 7.5, AI score 4.7, EPSS 0.00347
Exploits: 0, References: 12

Cvelist
added 2022/12/01 12:0 a.m., 10 views

CVE-2022-4246 Kakao PotPlayer MID File denial of service

A vulnerability classified as problematic has been found in Kakao PotPlayer. This affects an unknown part of the component MID File Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. T...

CVSS 4.3, AI score 7.7, EPSS 0.00347
Exploits: 0, References: 3

Positive Technologies
added 2022/11/14 12:0 a.m., 3 views

PT-2022-23818 · Unknown · Patrickfuller Camp

Name of the Vulnerable Software and Affected Versions: patrickfuller camp versions up to and including commit bbd53a256ed70e79bd8758080936afbf6d738767. Description: The issue concerns Incorrect Access Control. Access to the password.txt file is not properly restricted as it is in the root director...

CVSS 9.8, AI score 9.3, EPSS 0.06951
Exploits: 3, References: 9

OSV
added 2022/10/12 7:15 a.m., 1 views

CVE-2022-3458

A vulnerability has been found in SourceCodester Human Resource Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /employeeview.php of the component Image File Handler. The manipulation leads to unrestricted upload. The attack...

CVSS 9.8, AI score 5.4, EPSS 0.00314
Exploits: 0, References: 1

ATTACKERKB
added 2022/10/12 7:15 a.m., 1 views

CVE-2022-3458

A vulnerability has been found in SourceCodester Human Resource Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /employeeview.php of the component Image File Handler. The manipulation leads to unrestricted upload. The attack...

CVSS 9.8, AI score 6.8, EPSS 0.00314
Exploits: 0, References: 2, Affected Software: 1

Prion
added 2022/10/12 7:15 a.m., 20 views

Out-of-bounds

A vulnerability has been found in SourceCodester Human Resource Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /employeeview.php of the component Image File Handler. The manipulation leads to unrestricted upload. The attack...

CVSS 7.5, AI score 9.5, EPSS 0.00314
Exploits: 0, References: 1, Affected Software: 1

Positive Technologies
added 2022/10/12 12:0 a.m., 2 views

PT-2022-22218 · Sourcecodester · Sourcecodester Human Resource Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Human Resource Management System version 1.0. Description: A critical issue has been found in the Image File Handler component of the SourceCodester Human Resource Management System, specifically affecting an unknown functionali...

CVSS 9.8, AI score 9.4, EPSS 0.00314
Exploits: 0, References: 5

CNNVD
added 2022/10/12 12:0 a.m., 2 views

Human Resource Management System security vulnerability

Human Resource Management System is a human resource management system by the individual developer maverickosama. A security vulnerability exists in Human Resource Management System, which originates from an unknown function in employeeview.php in the Image File Handler, and can be exploited by an...

CVSS 9.8, AI score 8.4, EPSS 0.00314
Exploits: 0, References: 2

The Hacker News
added 2022/09/28 5:3 a.m., 70 views

Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely

WhatsApp has released security updates to address two flaws in its messaging app for Android and iOS that could lead to remote code execution on vulnerable devices. One of them concerns CVE-2022-36934 (CVSS score: 9.8), a critical integer overflow vulnerability in WhatsApp that results in the...

CVSS 9.8, AI score 2.6, EPSS 0.127
Exploits: 1

RedHat Linux
added 2022/09/21 2:3 p.m., 3 views

jenkins-plugin: Arbitrary file write vulnerability in Pipeline Input Step Plugin

A flaw was found in the Pipeline Input Step Plugin. This issue affects the code of the component Archive File Handler. The manipulation of the argument file with a malicious input leads to a directory traversal vulnerability...

CVSS 7.5, AI score 6.2, EPSS 0.00112
Exploits: 0, References: 5

Veracode
added 2022/07/21 9:53 a.m., 34 views

Remote Code Execution

flysystem is vulnerable to remote code execution. An attacker is able to upload and execute malicious code on the system under attack via the component File Handler...

CVSS 4.3, AI score 7.4, EPSS 0.00169
Exploits: 0, References: 8, Affected Software: 2

RedHat Linux
added 2022/07/19 9:14 p.m., 1 views

kernel: cgroup: Use open-time creds and namespace for migration perm checks

An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged processes that are controlled by cgroups and have a higher privileged parent process. It is actually both for cgroup2 and cgroup1...

CVSS 7.8, AI score 6.6, EPSS 0.00016
Exploits: 0, References: 5