dde-file-manager 安全漏洞

dde-file-manager is a Chinese deepin Technology open source file management tool . It has file management functions such as searching, copying, recycling, compressing/uncompressing, viewing file attributes and so on. A security vulnerability exists in dde-file-manager version 6.0.54 and earlier,...

CVE-2023-50700

Insecure Permissions vulnerability in Deepin dde-file-manager 6.0.54 and earlier allows privileged operations to be called by unprivileged users via the D-Bus method...

CVE-2023-50700

CVE-2023-50700 affects Deepin dde-file-manager up to version 6.0.54. The vulnerability is described as an insecure permission issue where unprivileged users can invoke privileged operations via a D-Bus method. The common descriptions across SUSE, Red Hat, NVD, CNNVD, and others reiterate the same...

PT-2024-13954 · Deepin · Deepin Dde-File-Manager

Name of the Vulnerable Software and Affected Versions: Deepin dde-file-manager versions 6.0.54 and earlier Description: The issue allows privileged operations to be called by unprivileged users via the D-Bus method. Recommendations: For Deepin dde-file-manager versions 6.0.54 and earlier, at the...

CVE-2023-7061

The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 2.5.3. This makes it possible for authenticated attackers with contributor access or above to upload arbitrary files on the affected site's server which may make...

CVE-2023-7062

The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4. This makes it possible for attackers with contributor access or higher to read the contents of arbitrary files on the server, which can contain sensitive...

CVE-2023-7061

The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 2.5.3. This makes it possible for authenticated attackers with contributor access or above to upload arbitrary files on the affected site's server which may make...

CVE-2023-7062

CVE-2023-7062 affects the Advanced File Manager Shortcodes WordPress plugin (up to v2.4). It is a Directory Traversal vulnerability caused by inadequate file-path validation, allowing users with Contributor+ to read arbitrary server files and potentially expose sensitive data. Remediation: update...

CVE-2023-7061 Advanced File Manager Shortcode <= 2.5.3 - Authenticated (Contributor+) Arbitrary File Upload

The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 2.5.3. This makes it possible for authenticated attackers with contributor access or above to upload arbitrary files on the affected site's server which may make...

WordPress Advanced File Manager Shortcode plugin <= 2.5.3 - Authenticated (Contributor+) Arbitrary File Upload vulnerability

Authenticated Contributor+ Arbitrary File Upload vulnerability discovered by Colin Xu in WordPress Plugin File Manager Advanced Shortcode versions = 2.5.3...

WordPress File Manager Advanced Shortcode Plugin <= 2.5.3 is vulnerable to Arbitrary File Upload

Software File Manager Advanced Shortcode Type Plugin Vulnerable versions = 2.5.3 Fixed in N/A OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-7061 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID a8417c3a09b4 Credits Colin Xu Required...

WordPress File Manager Advanced Shortcode Plugin <= 2.4 is vulnerable to Directory Traversal

Software File Manager Advanced Shortcode Type Plugin Vulnerable versions = 2.4 Fixed in 2.4.1 OWASP Top 10 A3: Injection Classification Directory Traversal CVE CVE-2023-7062 Patch priority Low CVSS severity Low 7.7 Developer Claim ownership PSID a83d051bcbb6 Credits Colin Xu Required privilege...

PT-2024-8564 · Adobe · Bridge

Name of the Vulnerable Software and Affected Versions: Adobe Bridge versions 14.1 and earlier Adobe Bridge versions 14.0.4 Adobe Bridge versions 13.0.7 Description: The issue is related to an Integer Overflow or Wraparound that could result in arbitrary code execution in the context of the curren...

WordPress Advanced File Manager plugin <= 5.2.4 - Sensitive Information Exposure via Directory Listing vulnerability

Sensitive Information Exposure via Directory Listing vulnerability discovered by emad in WordPress Plugin Advanced File Manager versions = 5.2.4...

WordPress Advanced File Manager Plugin <= 5.2.4 is vulnerable to Sensitive Data Exposure

Software Advanced File Manager Type Plugin Vulnerable versions = 5.2.4 Fixed in 5.2.5 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-5598 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID f0b48a6d68bd Credits emad Required...

CVE-2024-5598

The Advanced File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.2.4 via the 'fmalocalfilesystem' function. This makes it possible for unauthenticated attackers to extract sensitive data including backups or other sensitive...

CVE-2024-5598

The Advanced File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.2.4 via the 'fmalocalfilesystem' function. This makes it possible for unauthenticated attackers to extract sensitive data including backups or other sensitive...

CVE-2024-5598

The Advanced File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.2.4 via the 'fmalocalfilesystem' function. This makes it possible for unauthenticated attackers to extract sensitive data including backups or other sensitive...

CVE-2024-5598

CVE-2024-5598 affects the Advanced File Manager WordPress plugin (all versions up to 5.2.4). The root cause is a Sensitive Information Exposure via the fma_local_file_system pathway, enabling unauthenticated attackers to extract backups or other sensitive data if files were moved to Trash. The Wo...

WordPress plugin Advanced File Manager security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...