CVE-2017-6921 File REST resource does not properly validate

In Drupal 8 prior to 8.3.4; The file REST resource does not properly validate some fields when manipulating files. A site is only affected by this if the site has the RESTful Web Services rest module enabled, the file REST resource is enabled and allows PATCH requests, and an attacker can get or...

CVE-2017-6921

CVE-2017-6921 affects Drupal 8.x prior to 8.3.4, where the file REST resource does not properly validate certain fields when manipulating files. Exploitation requires the RESTful Web Services (rest) module enabled, the file REST resource enabled and allowing PATCH requests, and an attacker who ca...

CVE-2017-6921

In Drupal 8 prior to 8.3.4; The file REST resource does not properly validate some fields when manipulating files. A site is only affected by this if the site has the RESTful Web Services rest module enabled, the file REST resource is enabled and allows PATCH requests, and an attacker can get or...

Design/Logic Flaw

In Drupal 8 prior to 8.3.4; The file REST resource does not properly validate some fields when manipulating files. A site is only affected by this if the site has the RESTful Web Services rest module enabled, the file REST resource is enabled and allows PATCH requests, and an attacker can get or...

CVE-2017-6921

In Drupal 8 prior to 8.3.4; The file REST resource does not properly validate some fields when manipulating files. A site is only affected by this if the site has the RESTful Web Services rest module enabled, the file REST resource is enabled and allows PATCH requests, and an attacker can get or...

Microsoft Windows - MsiAdvertiseProduct Arbitrary File Copy/Read Exploit

Exploit for windows platform in category local exploits The bug is in “MsiAdvertiseProduct” Calling this function will result in a file copy by the installer service. This will copy an arbitrary file that we can control with the first parameter into c:\windows\installer … a check gets done while...

CVE-2018-18332

CVE-2018-18332 affects Trend Micro OfficeScan XG; weak file permissions could let an attacker manipulate key file permissions to modify other files and folders on vulnerable installations. CVSSv3 shows HIGH impact (7.5) with network access and no authentication; no remediation details are provide...

Responsive FileManager 9.13.4 XSS / File Manipulation / Traversal

Responsive FileManager 9.13.4 - Multiple Vulnerabilities Date: December 12, 2018 Author: farisv Vendor Homepage: https://www.responsivefilemanager.com/ Vulnerable Package Link: https://github.com/trippo/ResponsiveFilemanager/releases/download/v9.13.4/responsivefilemanager.zip Responsive FileManag...

Path traversal

A flaw was found in qemu Media Transfer Protocol MTP before version 3.1.0. A path traversal in the in usbmtpwritedata function in hw/usb/dev-mtp.c due to an improper filename sanitization. When the guest device is mounted in read-write mode, this allows to read/write arbitrary files which may lea...

Novahot - A Webshell Framework For Penetration Testers

novahot is a webshell framework for penetration testers. It implements a JSON-based API that can communicate with trojans written in any language. By default, it ships with trojans written in PHP, ruby, and python. Beyond executing system commands, novahot is able to emulate interactive terminals...

CVE-2018-19044

keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protectedsymlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data or...

Apache Struts Commons FileUpload Library Remote Code Execution Vulnerability Affecting Cisco Products: November 2018

On November 5, 2018, the Apache Struts Team released a security announcement urging an upgrade of the Commons FileUpload library to version 1.3.3 on systems using Struts 2.3.36 or earlier releases. Systems using earlier versions of this library may be exposed to attacks that could allow execution...

Drupal 8.x < 8.3.4 Multiple Vulnerabilities

According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - A flaw exists in the PECL YAML parser due to unsafe handling of PHP objects during certain operations. An unauthenticated, remote attacker can exploit this to execute arbitra...

GLSA-201810-08 : PostgreSQL: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201810-08 PostgreSQL: Multiple vulnerabilities Multiple vulnerabilities have been discovered in PostgreSQL. Please review the referenced CVE identifiers for details. In addition it was discovered that Gentoos PostgreSQL installati...

CVE-2018-17828

Summary: CVE-2018-17828 is a directory-traversal flaw in ZZIPlib 0.13.69 where an attacker can overwrite arbitrary files via ".." in a zip, due to unzzip_cat in bins/unzzipcat-mem.c. The connected advisories confirm affected packages across Linux distros and provide remediation by updating zzipli...

CVE-2018-16709

Fuji Xerox DocuCentre-V 3065, ApeosPort-VI C3371, ApeosPort-V C4475, ApeosPort-V C3375, DocuCentre-VI C2271, ApeosPort-V C5576, DocuCentre-IV C2263, DocuCentre-V C2263, and ApeosPort-V 5070 devices allow remote attackers to read or write to files via crafted PJL commands...

CVE-2018-0659

Directory traversal vulnerability in ver.2.8.4.0 and earlier and ver.3.3.0.0 and earlier allows an attacker to create or overwrite existing files via specially crafted ATC file...

CVE-2018-0659

Directory traversal vulnerability in ver.2.8.4.0 and earlier and ver.3.3.0.0 and earlier allows an attacker to create or overwrite existing files via specially crafted ATC file...

CVE-2018-15605

An issue was discovered in phpMyAdmin before 4.8.3. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted file to manipulate an authenticated user who loads that file through the import feature...

CVE-2018-15573

An issue was discovered in Reprise License Manager RLM through 12.2BL2. Attackers can use the web interface to read and write data to any file on disk as long as rlm.exe has access to it via /goform/editlfprocess with file content in the lfdata parameter and a pathname in the lf parameter. By...