Mageia: Security Advisory (MGASA-2022-0090)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2022-0090 Updated webmin packages fix security vulnerability

Less privileged Webmin users who do not have any File Manager module restrictions configured can access files with root privileges, if using the default Authentic theme CVE-2022-0824, CVE-2022-0829...

Exploit for Improper Access Control in Webmin

Webmin-CVE-2022-0824-revshell Vulnerability Description...

WordPress Categorify – WordPress Media Library Category & File Manager plugin <= 1.0.4 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Categorify – WordPress Media Library Category & File Manager plugin versions = 1.0.4. Solution Update the WordPress Categorify – WordPress Media Library Category & File Manager plugin to the latest available version at least...

The vulnerability of the File Manager component in Google Chrome allows a hacker to execute arbitrary code.

The vulnerability of the File Manager component in Google Chrome relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page from a remote location...

CVE-2022-25401

The copy function of the file manager in Cuppa CMS v1.0 allows any file to be copied to the current directory, granting attackers read access to arbitrary files...

CVE-2022-25401

The copy function of the file manager in Cuppa CMS v1.0 allows any file to be copied to the current directory, granting attackers read access to arbitrary files...

CVE-2022-25401

The copy function of the file manager in Cuppa CMS v1.0 allows any file to be copied to the current directory, granting attackers read access to arbitrary files...

CVE-2022-25104

HorizontCMS v1.0.0-beta.2 was discovered to contain an arbitrary file download vulnerability via the component /admin/file-manager/...

CVE-2022-25104

HorizontCMS v1.0.0-beta.2 was discovered to contain an arbitrary file download vulnerability via the component /admin/file-manager/...

Arbitrary file deletion

HorizontCMS v1.0.0-beta.2 was discovered to contain an arbitrary file download vulnerability via the component /admin/file-manager/...

Design/Logic Flaw

The copy function of the file manager in Cuppa CMS v1.0 allows any file to be copied to the current directory, granting attackers read access to arbitrary files...

HorizontCMS 安全漏洞

HorizontCMS is a customer relationship management web platform for individual developers. A security vulnerability exists in HorizontCMS, which was discovered to contain an arbitrary file download vulnerability via the /admin/file-manager/ component...

CVE-2022-25401

The copy function of the file manager in Cuppa CMS v1.0 allows any file to be copied to the current directory, granting attackers read access to arbitrary files...

CVE-2022-25401

CVE-2022-25401 affects Cuppa CMS v1.0. The vulnerability lies in the file manager’s copy function, which allows copying any file into the current directory, granting attackers read access to arbitrary files. This is described across multiple connected sources (NVD entry and related advisories) as...

openSUSE 15 Security Update : chromium (openSUSE-SU-2022:0042-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0042-1 advisory. - Use after free in File Manager. CVE-2022-0603 - Heap buffer overflow in Tab Groups. CVE-2022-0604 - Use after free in Webstore API...

Improper Access Control in File Manager module

Description In Webmin 1.984, any authenticated low privilege user who did not have access to the File Manager module could interact with a variety of file manager capabilities such as modifying file ownership chown, viewing file properties, listing or deleting files and directories on the server...

Use-After-Free

chromium is vulnerable to use-after-free. The vulnerability is possible because of a flaw in the component File Manager, leading to a memory corruption issue resulting in a use-after-free vulnerability...

CVE-2022-22914

An incorrect access control issue in the component FileManager of Ovidentia CMS 6.0 allows authenticated attackers to to view and download content in the upload directory via path traversal...

CVE-2022-22914

An incorrect access control issue in the component FileManager of Ovidentia CMS 6.0 allows authenticated attackers to to view and download content in the upload directory via path traversal...