Webile v1.0.1 - Directory Traversal Web Vulnerability

Document Title: =============== Webile v1.0.1 - Directory Traversal Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2320 Release Date: ============= 2022-10-09 Vulnerability Laboratory ID VL-ID: ==================================== 232...

Improper Name Validation in Upload Document Form

Description The name of any uploaded document can be manipulated using the destination parameter, to include new line characters in its name, breaking the execution of JS code in "New Documents" section from "Miscellaneous" menu, that will be blank until the document is removed from DB. Proof of...

CVE-2022-3124

CVE-2022-3124 : The Frontend File Manager WordPress plugin, up to version 21.3, allows any unauthenticated user to rename files uploaded by users. The issue stems from insufficient validation in the destination filename, which could enable an attacker to alter the content of arbitrary files on th...

CVE-2022-35239

The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated...

CVE-2022-35239

The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated...

CVE-2022-35239

CVE-2022-35239 affects SolarView Compact SV-CPT-MC310 and SV-CPT-MC310F (versions

PT-2022-22647 · Unknown · Solarview Compact Sv-Cpt-Mc310

Name of the Vulnerable Software and Affected Versions: SolarView Compact SV-CPT-MC310 versions 7.23 and earlier SolarView Compact SV-CPT-MC310F versions 7.23 and earlier Description: The image file management page contains an insufficient verification issue when uploading files. This can be...

PT-2022-18308 · Sourcecodester · Sourcecodester Simple Student Information System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Student Information System affected versions not specified Description: A critical issue affects the processing of the file manage course.php, where the manipulation of the id argument leads to sql injection. The attack...

Contec SolarView Compact 输入验证错误漏洞

Contec SolarView Compact is an application system from Contec Japan. which provides photovoltaic power measurement systems. Contec SolarView Compact suffers from an input validation error vulnerability that stems from insufficient input validation provided in the image file management page. An...

DEBIAN-CVE-2022-1141

Use after free in File Manager in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user gesture...

School File Management System Cross-Site Scripting Vulnerability (CNVD-2022-76506)

School File Management System is a school file management system that stores student files individually and retrieves them later. A cross-site scripting vulnerability exists in School File Management System version 1.0, which can be exploited to cause cross-site scripting attacks via the Lastname...

CVE-2021-29055

Cross Site Scripting XSS vulnerability in sourcecodester School File Management System 1.0 via the Firtstname parameter to the Update Account form in studentprofile.php...

CVE-2021-29055

Cross Site Scripting XSS vulnerability in sourcecodester School File Management System 1.0 via the Firtstname parameter to the Update Account form in studentprofile.php...

CVE-2021-46824

Cross Site Scripting XSS vulnerability in sourcecodester School File Management System 1.0 via the Lastname parameter to the Update Account form in studentprofile.php...

CVE-2021-46824

Cross Site Scripting XSS vulnerability in sourcecodester School File Management System 1.0 via the Lastname parameter to the Update Account form in studentprofile.php...

Cross site scripting

Cross Site Scripting XSS vulnerability in sourcecodester School File Management System 1.0 via the Firtstname parameter to the Update Account form in studentprofile.php...

CVE-2021-46824

Cross Site Scripting XSS vulnerability in sourcecodester School File Management System 1.0 via the Lastname parameter to the Update Account form in studentprofile.php...

CVE-2021-46824

The CVE-2021-46824 entry describes a Cross Site Scripting (XSS) vulnerability in the Sourcecodester School File Management System 1.0, exploitable via the Lastname parameter in the Update Account form (student_profile.php). Affected component: Update Account on School File Management System 1.0; ...

CVE-2021-29055

The CVE-2021-29055 entry documents a Cross Site Scripting (XSS) vulnerability in Sourcecodester’s School File Management System 1.0, exploitable via the Firstname parameter in the Update Account form on student_profile.php. The affected component is the Update Account workflow, specifically the F...

School File Management System 跨站脚本漏洞

School File Management System is a school file management system that stores student files individually and retrieves them later. A cross-site scripting vulnerability exists in School File Management System version 1.0, which can be exploited to cause cross-site scripting attacks via the Firstnam...