CVE-2019-7667

Prima Systems FlexAir, Versions 2.3.38 and prior. The application generates database backup files with a predictable name, and an attacker can use brute force to identify the database backup file name. A malicious actor can exploit this issue to download the database file and disclose login...

New Mac cryptominer Malwarebytes detects as Bird Miner runs by emulating Linux

A new Mac cryptocurrency miner Malwarebytes detects as Bird Miner has been found in a cracked installer for the high-end music production software Ableton Live. The software is used as an instrument for live performances by DJs, as well as a tool for composing, recording, mixing, and mastering. A...

Phraseanet 4.0.7 - Cross-Site Scripting

Phraseanet 4.0.7 - Cross-Site Scripting Exploit title: Stored XSS vulnerability in Phraseanet DAM Open Source software Date: 10/10/2018 Exploit Author: Krzysztof Szulski Vendor Homepage: https://www.phraseanet.com Software Link also VM: https://www.phraseanet.com/en/download/ Version affected:...

CVE-2018-12299

Cross-site scripting in filebrowser in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via uploaded file names...

Privilege Escalation

tcmu-runner is vulnerable to privilege escalation. The vulnerability exists in implementation of the CheckConfig method in handlerqcow.so of the tcmu-runner daemon. A local, non-root user with access to the D-Bus system bus could use this flaw to leak arbitrary file names which might not be...

Arbitrary File Write

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interprete...

Arbitrary Code Execution

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. It was found that certain methods did not sanitize file names before passing them to lower layer routines in Ruby. If a Ruby application created files...

The vulnerability of Samba software, related to overflow of dynamic memory buffers, allows a hacker to execute arbitrary code.

The vulnerability of Samba software is related to the overflow of dynamic memory buffers when the file name in the directory is too long. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

EulerOS Virtualization 2.5.3 : curl (EulerOS-SA-2019-1163)

According to the version of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name longer than about 515 bytes, the file...

CVE-2019-0160

Buffer overflows were discovered in UDF-related codes under MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe, which could be triggered with long file names or invalid formatted UDF media...

WinRAR ACE File Name Logic Validation Bypass Vulnerability

WinRAR is a compressed package manager, as the archive tool RAR in the Windows environment with a graphical interface, can be used to back up data, compressed files, decompression of RAR/ZIP and other formats of the file, create RAR/ZIP and other formats of compressed files, has been more widely...

GHSA-6CPC-MJ5C-M9RQ Arbitrary File Write in cli

Affected versions of cli use predictable temporary file names. If an attacker can create a symbolic link at the location of one of these temporarly file names, the attacker can arbitrarily write to any file that the user which owns the cli process has permission to write to. Proof of Concept By...

Path traversal

Vulnerability in Easy2map-photos WordPress Plugin v1.09 MapPinImageUpload.php and MapPinIconSave.php allows path traversal when specifying file names creating files outside of the upload directory...

CVE-2018-16480

A XSS vulnerability was found in module public 0.1.4 that allows malicious Javascript code to run in the browser, due to the absence of sanitization of the file/folder names before rendering...

Open-Xchange (OX) App Suite XSS Vulnerability (59507)

File names of attachments of PIM objects appointments, contacts, tasks can be used to inject script code. Sharing such objects with other users allows to attack them. This requires both a trust relationship between those users - or both have to be provisioned to the same context. Copyright C 2019...

PHP 5.6.x < 5.6.20 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.20. It is, therefore, affected by multiple vulnerabilities : - A buffer over-write condition exists in the finfoopen function due to improper validation of magic files. An unauthenticated, remote...

PHP 7.0.x < 7.0.5 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.5. It is, therefore, affected by multiple vulnerabilities : - A buffer over-write condition exists in the finfoopen function due to improper validation of magic files. An unauthenticated, remote...

Remote Code Execution (RCE)

github.com/go-gitea/gitea is vulnerable to remote code execution RCE attacks. The vulnerability exists due to the lack of sanitization on file names, where uploading a malicious file allows attacker to become another user and subsequently using hooks to perform RCE attacks...

Doppelganger - Python Script To Scan Duplicate Copies In A Given Directory

Doppelganger is a python script to scan duplicate copies in a given directory. This tool compare not only file names, but also file hashes to ensure no false search results. Features Find duplicate music Find duplicate videos Find duplicate pictures Find duplicate documents How doppelganger searc...

gitea -- privilege escalation, XSS

The Gitea project reports: Security Sanitize uploaded file names HTMLEncode user added text...