3146 matches found
Improper Access Control in File Manager module
Description In Webmin 1.984, any authenticated low privilege user who did not have access to the File Manager module could interact with a variety of file manager capabilities such as modifying file ownership chown, viewing file properties, listing or deleting files and directories on the server...
Use-After-Free
chromium is vulnerable to use-after-free. The vulnerability is possible because of a flaw in the component File Manager, leading to a memory corruption issue resulting in a use-after-free vulnerability...
CVE-2022-22914
An incorrect access control issue in the component FileManager of Ovidentia CMS 6.0 allows authenticated attackers to to view and download content in the upload directory via path traversal...
CVE-2022-22914
An incorrect access control issue in the component FileManager of Ovidentia CMS 6.0 allows authenticated attackers to to view and download content in the upload directory via path traversal...
Improper Access Control to Remote Code Execution
Description In Webmin v1.984, affecting File Manager module, any authenticated low privilege user without access rights to the File Manager module could interact with file manager functionalities such as download file from remote URL and change file permission chmod. It is possible to achieve...
PT-2022-1959 · Webmin +1 · Webmin +1
Name of the Vulnerable Software and Affected Versions: webmin versions prior to 1.990 Description: The issue is related to improper access control in the webmin repository, which can lead to remote code execution. This is due to weaknesses in the authorization mechanism of the File Manager module...
Tiny File Manager 2.4.3 Shell Upload Exploit
Tiny File Manager Example: ./exploit.sh http://files.ubuntu.local/index.php admin "email protected" https://github.com/febinrev/tinyfilemanager-2.4.3-exploit !/bin/bash check which curl if $? = 0 then printf "✔ Curl found! \n" else printf "❌ Curl not found! \n" exit fi which jq if $? = 0 then...
Chromium: CVE-2022-0603 Use after free in File Manager
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Google Chrome Resource Management Error Vulnerability (CNVD-2022-20558)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a resource management error vulnerability that stems from a release and reuse technique within the file manager component. A remote attacker could exploit this vulnerability to create a specially crafted w...
Tiny File Manager 2.4.3 Shell Upload
Tiny File Manager Example: ./exploit.sh http://files.ubuntu.local/index.php admin "admin@123" https://github.com/febinrev/tinyfilemanager-2.4.3-exploit !/bin/bash check which curl if $? = 0 then printf "✔ Curl found! \n" else printf "❌ Curl not found! \n" exit fi which jq if $? = 0 then printf "✔...
Chrome Zero-Day Under Active Attack: Patch ASAP
Google on Monday issued 11 security fixes for its Chrome browser, including a high-severity zero-day bug that’s actively being jumped on by attackers in the wild. In a brief update, Google described the weakness, tracked as CVE-2022-0609, as a use-after-free vulnerability in Chrome’s Animation...
Path Traversal in prasathmani/tinyfilemanager
Description A Path Traversal vulnerability exists in Tiny File Manager, which allows the upload of files to an arbitrary location in the server. This flaw derives from the way that the file upload/creation is handled when a file with the same name already exists in the target directory. Affected...
New Chrome 0-Day Bug Under Active Attack – Update Your Browser ASAP!
Google on Monday rolled out fixes for eight security issues in the Chrome web browser, including a high-severity vulnerability that's being actively exploited in real-world attacks, marking the first zero-day patched by the internet giant in 2022. The shortcoming, tracked CVE-2022-0609, is...
FreeBSD : chromium -- multiple vulnerabilities (e12432af-8e73-11ec-8bc4-3065ec8fd3ec)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the e12432af-8e73-11ec-8bc4-3065ec8fd3ec advisory. - Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed ...
Google Chrome和Chrome OS 资源管理错误漏洞
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a resource management error vulnerability that stems from a release and reuse technique within the file manager component. A remote attacker could exploit this vulnerability to create a specially crafted w...
KLA12462 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in File Manager can be exploited t...
Google Chrome < 98.0.4758.102 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 98.0.4758.102. It is, therefore, affected by multiple vulnerabilities as referenced in the 202202stable-channel-update-for-desktop14 advisory. - Inappropriate implementation in Gamepad API in Google Chrome prior to...
Google Chrome < 98.0.4758.102 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 98.0.4758.102. It is, therefore, affected by multiple vulnerabilities as referenced in the 202202stable-channel-update-for-desktop14 advisory. - Inappropriate implementation in Gamepad API in Google Chrome prior to...
chromium -- multiple vulnerabilities
Chrome Releases reports: This release contains 11 security fixes, including: 1290008 High CVE-2022-0603: Use after free in File Manager. Reported by Chaoyuan Peng @ret2happy on 2022-01-22 1273397 High CVE-2022-0604: Heap buffer overflow in Tab Groups. Reported by Krace on 2021-11-24 1286940 High...
CVE-2022-0107
Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...