Information disclosure
burn allows file names to escape via mishandled quotation marks...
CVE-2009-5043
burn allows file names to escape via mishandled quotation marks...
Cisco Wireless LAN Controller Path Traversal Vulnerability
According to its self-reported version, Cisco Wireless LAN Controller (WLC) is affected by a directory traversal vulnerability due to improper sanitization of user-supplied input in command-line parameters that describe file names. An authenticated, local attacker can exploit this to view system...
PT-2019-6064 · Qnap · Qnap Photo Station
Name of the Vulnerable Software and Affected Versions: QNAP Photo Station (affected versions not specified). Description: This issue allows remote attackers to access or modify system files due to external control of file name or path. It is related to incorrect limitation of the directory path name...
CVE-2019-18202
Information Disclosure is possible on WAGO Series PFC100 and PFC200 devices before FW12 due to improper access control. A remote attacker can check for the existence of paths and file names via crafted HTTP requests...
The vulnerability of Firefox browsers, caused by display errors in file names in the “Downloads” tab, allows attackers to perform spear-phishing attacks.
The vulnerability of Firefox browsers arises due to errors in the character display in file names within the “Downloads” tab. Exploiting this vulnerability allows a remote attacker to perform spear-phishing attacks...
PRODSECBUG-2458: Cross-Site Scripting in image file names
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
Fenrir - Simple Bash IOC Scanner
Fenrir is a simple IOC scanner bash script. It allows scanning Linux/Unix/OSX systems for the following Indicators of Compromise (IOCs): Hashes (MD5, SHA1 and SHA256, using md5sum, sha1sum, sha -a 256); File Names (string, checked for substring of the full path, e.g. "temp/p.exe" in "/var/temp/p.exe")...
Cross-Site Scripting in webtorrent
Versions of webtorrent prior to 0.107.6 are vulnerable to Cross-Site Scripting. webtorrent servers started with torrent.createServer list a torrent's title and files in the index page without sanitization. This allows attackers to execute arbitrary JavaScript in the victim's browser through file...
CVE-2019-12402
The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by Compress...
Denial of Service (DoS)
commons-compress is vulnerable to denial of service. The file name encoding algorithm can result in an infinite loop when faced with malicious input. This allows an attacker to cause a denial of service condition using the file names inside of an archive created by Compress...
UBUNTU-CVE-2019-5477
A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizer#load_file is being called with unsafe user input as the filename. This...
NewStart CGSL MAIN 4.05 : gnupg2 Vulnerability (NS-SA-2019-0135)
The remote NewStart CGSL host, running version MAIN 4.05, has gnupg2 packages installed that are affected by a vulnerability: - A data validation flaw was found in the way gnupg processes file names during decryption and signature validation. An attacker may be able to inject messages into gnupg...
edk2: Buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media
Buffer overflows were discovered in UDF-related code under MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe, which could be triggered with long file names or invalidly formatted UDF media...
PT-2019-17687 · Unknown · Http File Server
Name of the Vulnerable Software and Affected Versions: http-file-server (all versions). Description: A cross-site scripting (XSS) issue allows an attacker with access to the server file system to execute arbitrary JavaScript code in a victim's browser. The package fails to sanitize filenames, enabling...
CVE-2019-11730
A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...
CVE-2019-13645
Firefly III before 4.7.17.3 is vulnerable to stored XSS due to lack of filtration of user-supplied data in image file names. The JavaScript code is executed during attachments/edit/$file_id$ attachment editing. NOTE: It is asserted that an attacker must have the same access rights as the user in...
CVE-2019-13645
Firefly III prior to 4.7.17.3 is vulnerable to stored XSS due to lack of filtration of user-supplied data in image file names. The JavaScript executes during attachments/edit/$file_id$ attachment editing. An attacker must have the same access rights as the user to exploit. A fix is available: upd...
PT-2019-13460 · Firefly Iii · Firefly-Iii
Name of the Vulnerable Software and Affected Versions: Firefly III (versions prior to 4.7.17.3). Description: The issue arises from a lack of filtration of user-supplied data in image file names, leading to stored XSS. The JavaScript code is executed during attachments/edit/$file_id$ attachment...