933 matches found
Samsung Kies KiesWrapper DLL Hijacking Vulnerability
Samsung Kies is an application from the South Korean company Samsung for data synchronization between devices. The program is mainly used to connect Samsung devices with computers and supports features such as file management and device updates. A DLL hijacking vulnerability exists in...
WolfCMS Cross-Site Scripting Vulnerability (CNVD-2022-62200)
WolfCMS is designed to simplify content management by providing an elegant user interface, flexible per-page templates, simple user management and permissions, and the tools needed for file management. A cross-site scripting vulnerability exists in WolfCMS 0.8.3.1 and prior versions, which stems...
FUDForum Remote Code Execution Vulnerability
FUDForum is a PHP-based open source forum software. FUDForum versions prior to 3.1.2 are vulnerable to remote code execution. An attacker can use this vulnerability to execute remote code with the help of the upload file function of the file management system in the administration control panel...
[SECURITY] Fedora 36 Update: logrotate-3.20.1-1.fc36
The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files. Logrotate allows for the automatic rotation, compression, removal and mailing of log files. Logrotate can be set to handle a log file daily, weekly, monthly or when the log...
OctoPrint Incorrect Access Control
The Logging subsystem in OctoPrint before 1.6.0 has incorrect access control because it attempts to manage files that are not .log files...
Moodle allows attackers to delete files
The wiki component in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 does not consider the mod/wiki:managefiles capability before authorizing file management, which allows remote authenticated users to delete arbitrary files by using a manage-files button i...
Moodle allows attackers to bypass file-management restrictions
files/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not consider the moodle/user:manageownfiles capability before approving a private-file upload, which allows remote authenticated users to bypass intended file-management restriction...
GHSA-622H-CJGG-5MX6 Moodle allows attackers to bypass file-management restrictions
files/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not consider the moodle/user:manageownfiles capability before approving a private-file upload, which allows remote authenticated users to bypass intended file-management restriction...
SQL Injection Vulnerability in Physical Examination File Management System of Nanjing Zhongwei Xin Software Technology Co., Ltd.
Nanjing Zhongwei Xin Software Technology Co., Ltd. is a national high-tech enterprise relying on independent research and development and technological innovation to form the core technology to carry out production and operation. There is a SQL injection vulnerability in the Medical Examination File Management System of Nanjing Zhongwei Xin...
Webmin Cross-Site Scripting Vulnerability (CNVD-2022-61347)
Webmin is a set of Web-based system administration tools for Unix-like operating systems from the Webmin community. A cross-site scripting vulnerability exists in Webmin version 1.973, which stems from a lack of filtering and escaping of user-submitted parameters in the file management...
Webmin Cross-site Request Forgery Vulnerability (CNVD-2022-61346)
Webmin is a set of Web-based system administration tools for Unix-like operating systems from the Webmin community. A cross-site request forgery vulnerability exists in Webmin version 1.973, which stems from the lack of token validation for cross-site request forgery in the file management...
Webmin Cross-Site Request Forgery Vulnerability
Webmin is a set of Web-based system administration tools for Unix-like operating systems from the Webmin community. A cross-site request forgery vulnerability exists in Webmin version 1.973, which stems from the lack of token validation for cross-site request forgery in the file management...
Webmin Cross-Site Scripting Vulnerability
Webmin is a set of Web-based system administration tools for Unix-like operating systems from the Webmin community. A cross-site scripting vulnerability exists in Webmin version 1.973, which stems from a lack of filtering and escaping of user-submitted parameters in the file management...
OpenBoxLab Raidrive Security Vulnerability
OpenBoxLab Raidrive is a remote file management system from OpenBoxLab Korea. It allows mapping of WebDAV/FTP/SFTP, routers, Google Drive Team Drive, Photos, OneDrive and Dropbox to network drives in File Explorer. A security vulnerability previously existed in OpenBoxLab Raidrive v2021.12.35, which...
CVE-2022-23880
An arbitrary file upload vulnerability in the File Management function module of taoCMS v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file...
Design/Logic Flaw
An arbitrary file upload vulnerability in the File Management function module of taoCMS v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file...
PyShell - Multiplatform Python WebShell
PyShell is a multiplatform Python WebShell. This tool helps you to obtain a shell-like interface on a web server to be remotely accessed. Unlike other webshells, the main goal of the tool is to use as little code as possible on the server side, regardless of the language used or the operating syste...