3164 matches found
Siemens RUGGEDCOM CROSSBOW Security Vulnerability
Siemens RUGGEDCOM CROSSBOW is a proven secure access management solution from Siemens, Germany. Siemens RUGGEDCOM CROSSBOW suffers from a File Name or Path External Control vulnerability due to an affected system allowing a privileged user to upload generic files to the root installation director...
RHEL 7 : perl-file-path (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - perl-File-Path: rmtree/removetree race condition CVE-2017-6512 Note that Nessus has not tested for this issue but h...
CVE-2024-34245
An arbitrary file read vulnerability in DedeCMS v5.7.114 allows authenticated attackers to read arbitrary files by specifying any path in makehtmljsaction.php...
PT-2024-32239
Name of the Vulnerable Software and Affected Versions: Campcodes Complete Web-Based School Management System version 1.0 Description: A problematic issue has been found in the system, affecting the /view/exam timetable grade wise.php file. The exam argument is vulnerable to cross-site scripting...
PT-2024-32266 · Campcodes · Campcodes Complete Web-Based School Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Complete Web-Based School Management System version 1.0 Description: A problematic issue was found in the file /view/conversation history admin.php, where the manipulation of the conversation id argument leads to cross site scriptin...
CVE-2024-33860
An issue was discovered in Logpoint before 7.4.0. It allows Local File Inclusion (LFI) when an arbitrary File Path is used within the File System Collector. The content of the file specified can be viewed in the incoming logs...
Exploit for CVE-2024-31848
Exploiting CData within Jetty servers - CVE-2024-31848/49/50/5...
PT-2024-3627 · Dell · Dell Powerscale Onefs
Name of the Vulnerable Software and Affected Versions: Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 Description: The issue is related to incorrect external control of a file name or path, which could allow an attacker to cause a denial of service. A local attacker with high privileges may...
Logpoint Security Vulnerability
Logpoint is a network security application from the Danish company Logpoint. A security vulnerability exists in Logpoint versions prior to 7.4.0 that stems from the ability to view the contents of a specified file in incoming logs when an arbitrary file path is used in the file system collector...
Desdev DedeCMS Cross-Site Request Forgery Vulnerability
Desdev DedeCMS (Dream Weaving Content Management System) is a PHP-based open source content management system (CMS) from China's Desdev Network (Desdev). The system has content publishing, content management, content editing and content retrieval functions. A cross-site request forgery vulnerability...
CVE-2024-32982
Litestar and Starlite is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to 2.8.3, 2.7.2, and 2.6.4, a Local File Inclusion (LFI) vulnerability has been discovered in the static file serving component of LiteStar. This vulnerability allows attackers to exploit path traversal flaws,...
PT-2024-31453 · Unknown · Campcodes Complete Web-Based School Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Complete Web-Based School Management System version 1.0 Description: A vulnerability was found in the system, classified as problematic, affecting an unknown part of the file /view/teacher salary invoice1.php. The manipulation of th...
PT-2024-31487 · Unknown · Campcodes Complete Web-Based School Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Complete Web-Based School Management System version 1.0 Description: A vulnerability was found in the file /view/teacher salary details.php, where the manipulation of the index argument leads to cross site scripting. The attack can ...
PT-2024-31426 · Ruijie · Ruijie Rg-Uac
Name of the Vulnerable Software and Affected Versions: Ruijie RG-UAC up to 20240428 Description: A critical issue has been found in Ruijie RG-UAC, affecting an unknown functionality of the file /view/IPV6/naborTable/add commit.php. The manipulation of the ip addr/mac addr argument leads to os...
CVE-2024-28072
A highly privileged account can overwrite arbitrary files on the system with log output. The log file path tags were not sanitized properly...
CVE-2024-28072
SolarWinds Serv-U FTP Server is affected by CVE-2024-28072: a highly privileged account can overwrite arbitrary files via log output due to unsanitized log file path tags. Affected versions include 15.4.0–15.4.2 (HF1). Remediation: upgrade to 15.4.3 or apply 15.4.2 HF1 where available.
CVE-2024-28072 Arbitrary File Overwrite Vulnerability
A highly privileged account can overwrite arbitrary files on the system with log output. The log file path tags were not sanitized properly...