393 matches found
Talos · added 2024/05/01 12:00 a.m.

Milesight UR32L luci2-io file-import firmware update vulnerability

Talos Vulnerability Report TALOS-2023-1852 Milesight UR32L luci2-io file-import firmware update vulnerability May 1, 2024 CVE Number CVE-2023-47166 SUMMARY A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight UR32L v32.3.0.7-r2. A specially crafted network...

CVSS 8.8 · AI score 8.7 · EPSS 0.00173 · Exploits 0
CNNVD · added 2024/05/01 12:00 a.m.

Milesight UR32L authorization issue vulnerability

Milesight UR32L is a 4G industrial router from China's Milesight IoT. An authorization issue vulnerability exists in Milesight UR32L v32.3.0.7-r2, which stems from a firmware update flaw in the file import function, where a specially crafted network request could result in an...

CVSS 8.8 · AI score 6.7 · EPSS 0.00173 · Exploits 0 · References 2
Positive Technologies · added 2024/05/01 12:00 a.m.

PT-2024-13420 · Milesight · Milesight Ur32L

Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.7-r2 Description: A firmware update vulnerability exists in the luci2-io file-import functionality. A specially crafted network request can lead to arbitrary firmware update. An attacker can send a network reque...

CVSS 8.8 · AI score 7.1 · EPSS 0.00173 · Exploits 0 · References 7
0day.today · added 2024/03/04 12:00 a.m.

Magento ver. 2.4.6 - XSLT Server Side Injection Vulnerability

Exploit Title: Magento ver. 2.4.6 - XSLT Server Side Injection Exploit Author: tmrswrr Vendor Homepage: https://magento2demo.firebearstudio.com/ Software Link: Magento 2.4.6-p3 Version: 2.4.6 Tested on: 2.4.6 POC 1. Log in with admin credentials at this URL: https://magento2demo.firebearstudio.com...

AI score 7.4 · Exploits 0
OSV · added 2024/02/22 10:15 p.m.

PYSEC-2024-249

Summary On all Label Studio versions prior to 1.11.0, data imported via the file upload feature is not properly sanitized prior to being rendered within a Choices or Labels tag, resulting in an XSS vulnerability. Details Need permission to use the "data import" function. This was reproduced on Label...

CVSS 6.1 · AI score 6.3 · EPSS 0.0174 · Exploits 1 · References 6
Cvelist · added 2024/01/30 4:46 p.m.

CVE-2024-24565 CrateDB database has an arbitrary file read vulnerability

CrateDB is a distributed SQL database that makes it simple to store and analyze massive amounts of data in real time. There is a COPY FROM function in the CrateDB database that is used to import file data into database tables. This function has a flaw, and authenticated attackers can use the COPY...

CVSS 5.7 · AI score 6.7 · EPSS 0.86477 · Exploits 1 · References 2
Vulnrichment · added 2024/01/16 3:55 p.m.

CVE-2023-2252 Directorist < 7.5.4 - Admin+ LFI

The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does not validate the file parameter when importing CSV files...

AI score 3.6 · EPSS 0.09621 · Exploits 2 · References 1
Positive Technologies · added 2024/01/16 12:00 a.m.

PT-2024-11967 · WordPress · Directorist Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Directorist WordPress plugin versions prior to 7.5.4 Description: The issue is related to Local File Inclusion, where the plugin does not validate the file parameter when importing CSV files. This allows for potential exploitation. There is n...

CVSS 2.7 · AI score 4.9 · EPSS 0.09621 · Exploits 2 · References 8
CNNVD · added 2023/12/29 12:00 a.m.

Poly Trio security vulnerability

Poly Trio is a series of business conference phones from Poly (USA). A security vulnerability exists in Poly CCX and Trio phones that stems from a password change flaw in the device.auth.localAdminPassword parameter of the configuration file import component. Affected products and versions:...

CVSS 6.5 · AI score 7 · EPSS 0.00108 · Exploits 1 · References 8
Positive Technologies · added 2023/12/29 12:00 a.m.

PT-2023-8254 · Poly · Edge E220 +36

Name of the Vulnerable Software and Affected Versions: Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201, VVX 250, VVX...

CVSS 6.5 · AI score 7.3 · EPSS 0.00108 · Exploits 1 · References 14
Prion · added 2023/12/21 5:15 p.m.

Server-side request forgery (SSRF)

A vulnerability was found in automad up to 1.10.9. It has been declared as critical. This vulnerability affects the function import of the file FileController.php. The manipulation of the argument importUrl leads to server-side request forgery. The attack can be initiated remotely. The exploit ha...

CVSS 6.5 · AI score 6.9 · EPSS 0.00159 · Exploits 1 · References 3 · Affected Software 1
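The automad entry above describes the classic shape of an import-by-URL SSRF: a user-controlled importUrl is fetched by the server, so the attacker can point it at loopback, RFC 1918 or cloud-metadata addresses. The check below is an added example and not automad's code; it assumes an import endpoint that receives a URL string and fetches it server-side. The hostname resolver is injectable, and the DNS table in the block is constructed so the demo runs offline.

```python
"""Guard for a user-controlled import URL before the server fetches it.

Added example, not automad's own code. It assumes an import endpoint that
takes a URL string and fetches it server-side; the resolver is injectable so
the check can be exercised offline with a constructed DNS table.
"""
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}

# Address ranges a server-side fetcher must never reach on a user's behalf:
# loopback, RFC 1918, link-local (cloud metadata lives on 169.254.169.254),
# CGNAT, multicast/reserved, and their IPv6 counterparts.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "224.0.0.0/4", "240.0.0.0/4",
    "::/128", "::1/128", "fc00::/7", "fe80::/10",
)]


def system_resolver(host):
    """Resolve `host` to the set of addresses it maps to (live DNS)."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


# Constructed DNS table used by the demo and tests so nothing touches the network.
EXAMPLE_DNS = {
    "files.example.com": {"203.0.113.10"},
    "intranet.corp": {"10.1.2.3"},
    "localhost": {"127.0.0.1", "::1"},
}


def example_resolver(host):
    """Offline stand-in for system_resolver; unknown names fail like real DNS."""
    if host not in EXAMPLE_DNS:
        raise socket.gaierror(-2, "Name or service not known")
    return EXAMPLE_DNS[host]


def is_blocked_address(ip_text):
    """True if the address is in a blocked range; IPv4-mapped IPv6 is unwrapped first."""
    addr = ipaddress.ip_address(ip_text)
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr in net for net in BLOCKED_NETWORKS)


def validate_import_url(url, resolver=system_resolver):
    """Return (ok, reason). Accepts only http(s) to a host on a public address.

    The caller must also stop the HTTP client from following redirects, or
    re-run this check on every redirect target, because a public host can
    302 the fetcher to an internal one.
    """
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed"
    if parts.username is not None or parts.password is not None:
        return False, "credentials embedded in URL"
    host = parts.hostname
    if not host:
        return False, "missing host"
    try:
        # A plain IP literal needs no lookup. Anything else, including the
        # decimal or hex spellings that getaddrinfo still accepts, goes to
        # the resolver so the blocked-range check sees the real address.
        ipaddress.ip_address(host)
        addresses = {host}
    except ValueError:
        try:
            addresses = resolver(host)
        except OSError as exc:
            return False, f"host {host!r} does not resolve: {exc}"
    for ip_text in addresses:
        try:
            if is_blocked_address(ip_text):
                return False, f"{host!r} resolves to blocked address {ip_text}"
        except ValueError:
            return False, f"unparseable address {ip_text!r}"
    return True, "ok"


if __name__ == "__main__":
    for candidate in ("https://files.example.com/export.csv",
                      "http://intranet.corp/admin",
                      "http://169.254.169.254/latest/meta-data/",
                      "file:///etc/passwd"):
        print(candidate, "->", validate_import_url(candidate, example_resolver))
```

Resolving the name yourself and checking every returned address matters because an attacker-controlled DNS record can answer with a private address; the remaining gap is a TOCTOU between this lookup and the client's own, which is closed by pinning the fetch to the vetted address or by running the check inside the client's connection hook.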
HackerOne · added 2023/09/17 3:20 p.m.

phpBB: Authenticated path traversal to Stored XSS and Denial-of-Service

An authenticated path traversal vulnerability was discovered that could allow an attacker to cause a denial-of-service by reading files from restricted directories. This vulnerability also enabled an attacker to determine which files existed on the server. Additionally, a stored cross-site...

AI score 6.4 · Exploits 0
Cvelist · added 2023/08/04 2:04 a.m.

CVE-2023-4141 WP Ultimate CSV Importer <= 7.9.8 - Authenticated (Author+) PHP File Creation to Remote Code Execution

The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 7.9.8 via the '-cus2' parameter. This allows authenticated attackers with author-level permissions or above, if the administrator previously granted access in the plugin...

CVSS 8 · AI score 9.1 · EPSS 0.06067 · Exploits 0 · References 3
Huntr · added 2023/06/29 12:18 p.m.

XSS reflected via import file function

Description The application imports data from the file without sanitizing it before processing, so JavaScript code can be injected and is triggered when the victim runs the function. Proof of Concept Step 1: The attacker creates a .csv file containing a payload to...

AI score 6.6 · Exploits 0
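The Label Studio entry (PYSEC-2024-249) and the Huntr report above are the same bug class: a cell from an uploaded CSV is written into markup without escaping, so whoever later views the imported data runs the attacker's script. The block below is an added example, not code from Label Studio or from the Huntr target. It assumes an import pipeline that parses a CSV and renders one option element per row; the CSV text, the `<option>` template and the `label` column name are constructed for the demo. The unsafe renderer is the pattern both reports describe, beside the context-aware escaping that fixes it.

```python
"""Escaping imported CSV cells before they are rendered into markup.

Added example, not Label Studio's or the Huntr target's code. It assumes the
import pipeline reads a CSV and renders one <option> per row into an HTML
page; the unsafe renderer is the pattern both reports describe, the safe one
escapes per output context. The CSV text below is constructed.
"""
import csv
import html
import io
import re

# Constructed import file: rows 3 and 4 carry the kind of payload both
# reports describe, smuggled into a column the UI later renders as a label.
# In CSV, a literal double quote inside a quoted field is written as "".
SAMPLE_CSV = (
    "id,label\n"
    "1,Cat\n"
    "2,Dog\n"
    '3,"<img src=x onerror=alert(document.cookie)>"\n'
    '4,"""><script>alert(1)</script>"\n'
)


def parse_import(text):
    """Parse the uploaded CSV into dict rows; the header row names the columns."""
    return list(csv.DictReader(io.StringIO(text)))


def render_options_unsafe(rows):
    """The vulnerable pattern: raw cell values interpolated straight into markup."""
    return "\n".join(
        f'<option value="{row["label"]}">{row["label"]}</option>' for row in rows
    )


def render_options_safe(rows):
    """Escape each cell for the context it lands in.

    quote=True also turns " and ' into entities, which is what keeps a cell
    from closing the value="..." attribute; the text node only needs < > &.
    """
    out = []
    for row in rows:
        label = row["label"]
        attr = html.escape(label, quote=True)
        text = html.escape(label, quote=False)
        out.append(f'<option value="{attr}">{text}</option>')
    return "\n".join(out)


# Matches the name of every real tag (opening or closing) in rendered HTML;
# escaped payloads appear as &lt;script and therefore do not match.
TAG_RE = re.compile(r"<\s*/?\s*([A-Za-z][A-Za-z0-9]*)")


def tag_names(rendered):
    """Sorted set of tag names present in the rendered markup."""
    return sorted({name.lower() for name in TAG_RE.findall(rendered)})


if __name__ == "__main__":
    rows = parse_import(SAMPLE_CSV)
    print("unsafe tags:", tag_names(render_options_unsafe(rows)))
    print("safe tags:  ", tag_names(render_options_safe(rows)))
    print(render_options_safe(rows))
```

Escaping at render time, per context, is the fix; sanitizing on import is a useful extra layer but cannot be the only one, because the same stored cell is usually rendered in more than one place (a table, an attribute, a JSON blob fed to a front-end framework) and each place has its own escaping rules.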
Positive Technologies · added 2023/05/25 12:00 a.m.

PT-2023-3100 · D Link · D-Link Dir-842

Name of the Vulnerable Software and Affected Versions: D-Link DIR-842V2 version 1.0.3 Description: The issue allows attackers to execute arbitrary commands by importing a crafted file. This is related to the lack of input sanitization in the management interface, which can be exploited by a remo...

CVSS 9 · AI score 7.9 · EPSS 0.12377 · Exploits 2 · References 9
NVD · added 2023/05/02 6:15 a.m.

CVE-2023-21665

Memory corruption in Graphics while importing a file...

CVSS 8.4 · AI score 8.6 · EPSS 0.00118 · Exploits 2 · References 2
Prion · added 2023/05/02 6:15 a.m.

Memory corruption

Memory corruption in Graphics while importing a file...

CVSS 4.3 · AI score 7.7 · EPSS 0.00118 · Exploits 2 · References 2
Cvelist · added 2023/05/02 5:08 a.m.

CVE-2023-21665 Incorrect Type Conversion or Cast in Graphics

Memory corruption in Graphics while importing a file...

CVSS 8.4 · AI score 8.3 · EPSS 0.00118 · Exploits 2 · References 2
Prion · added 2023/05/01 2:15 a.m.

Path traversal

A vulnerability, which was classified as critical, was found in IP Blacklist Cloud Plugin up to 3.42 on WordPress. This affects the function validjsidentifier of the file ipblacklistcloud.php of the component CSV File Import. The manipulation of the argument filename leads to path traversal. It i...

CVSS 7.5 · AI score 7.1 · EPSS 0.00905 · Exploits 0 · References 4 · Affected Software 1
CVE · added 2023/05/01 2:00 a.m.

CVE-2015-10105

CVE-2015-10105 affects the WordPress IP Blacklist Cloud Plugin (CSV File Import) up to version 3.42, specifically the valid_js_identifier function in ip_blacklist_cloud.php. The vulnerability arises from improper handling of the filename argument, enabling path traversal and remote initiation of ...

CVSS 9.8 · AI score 7.2 · EPSS 0.00905 · Exploits 0 · References 4 · Affected Software 1
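The Directorist LFI (CVE-2023-2252) and the IP Blacklist Cloud path traversal (CVE-2015-10105) above both come from a filename parameter that is joined onto an import directory without being confined to it. The block below is an added example, not code from either plugin. It assumes an import handler that receives a filename parameter and opens it relative to a fixed import directory; the fixture directory, its CSV and the out-of-tree symlink are all constructed for the demo. Note the Directorist case was an include, not a read: for that bug class the right fix is to never pass user input to include at all, and the confinement check here is the secondary control.

```python
"""Confining a user-supplied import filename to the import directory.

Added example, not code from Directorist or IP Blacklist Cloud. It assumes an
import handler that receives a `filename` parameter and opens it relative to a
fixed import directory; the fixture directory and files are constructed.
"""
import os
import tempfile

ALLOWED_SUFFIXES = {".csv"}


def check_import_filename(import_dir, filename):
    """Return (ok, absolute_path_or_reason).

    Resolves symlinks on both sides, then requires the candidate to remain
    inside the import directory. Rejection reasons are returned, not raised,
    so the caller can log them without exposing the resolved path.
    """
    if not filename or "\x00" in filename:
        return False, "empty filename or embedded NUL"
    if "\\" in filename:
        return False, "backslash separators are not accepted"
    base = os.path.realpath(import_dir)
    # os.path.join discards `base` if `filename` is absolute, which is exactly
    # the case the commonpath check below then rejects.
    candidate = os.path.realpath(os.path.join(base, filename))
    # commonpath, not startswith: "/srv/import" must not accept "/srv/importX/..".
    if candidate == base or os.path.commonpath([base, candidate]) != base:
        return False, f"{filename!r} escapes the import directory"
    if os.path.splitext(candidate)[1].lower() not in ALLOWED_SUFFIXES:
        return False, f"{filename!r} has a disallowed extension"
    if not os.path.isfile(candidate):
        return False, f"{filename!r} is not a regular file in the import directory"
    return True, candidate


def make_fixture():
    """Constructed import directory: one legitimate CSV, plus a symlink named
    like a CSV that points outside the directory, which realpath() exposes."""
    root = tempfile.mkdtemp(prefix="import-demo-")
    import_dir = os.path.join(root, "imports")
    os.mkdir(import_dir)
    with open(os.path.join(import_dir, "members.csv"), "w", encoding="utf-8") as fh:
        fh.write("email,role\nalice@example.com,editor\n")
    outside = os.path.join(root, "wp-config.php")
    with open(outside, "w", encoding="utf-8") as fh:
        fh.write("<?php // constructed stand-in for a file outside the import dir\n")
    os.symlink(outside, os.path.join(import_dir, "link.csv"))
    return import_dir


if __name__ == "__main__":
    import_dir = make_fixture()
    for name in ("members.csv", "../wp-config.php", "/etc/passwd",
                 "link.csv", "members.csv\x00.png", "..\\..\\wp-config.php"):
        print(repr(name), "->", check_import_filename(import_dir, name))
```

Resolving with realpath before comparing is what catches the symlink case; comparing with commonpath rather than a string prefix is what catches sibling directories that merely share a prefix. Where the import file is chosen from a known set, an allowlist lookup by an opaque id is simpler still and removes the filename from the request entirely.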