3164 matches found

Positive Technologies
added 2023/07/23 12:00 a.m. · 4 views

PT-2023-26398 · Dedebiz · Dedebiz

Name of the Vulnerable Software and Affected Versions: DedeBIZ version 6.2.10. Description: A problematic issue has been found in DedeBIZ, affecting some unknown functionality of the file /admin/sys sql query.php. The manipulation of the sqlquery argument leads to SQL injection. The attack can be...

CVSS 7.2 · AI score 5.1 · EPSS 0.00069
Exploits 1 · References 7
OSV
added 2023/07/22 6:15 p.m. · 0 views

CVE-2023-3836

A vulnerability classified as critical was found in Dahua Smart Park Management up to 20230713. This vulnerability affects unknown code of the file /emap/devicePointaddImgIco?hasSubsystem=true. The manipulation of the argument upload leads to unrestricted upload. The attack can be initiated...

CVSS 9.8 · AI score 5.4
Exploits 0 · References 3
GithubExploit
added 2023/07/17 10:21 p.m. · 683 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Imagemagick

auto-cve-2022-44268: Automating expl...

CVSS 6.5 · AI score 6.8 · EPSS 0.88643
Exploits 28
CNNVD
added 2023/07/13 12:00 a.m. · 1 views

Campcodes Retro Cellphone Online Store cross-site scripting vulnerability

Campcodes Retro Cellphone Online Store is a retro cellphone online store by Campcodes. A cross-site scripting vulnerability exists in Campcodes Retro Cellphone Online Store version 1.0; it stems from the parameter un in the file /admin/addusermodal.php and can lead to cross-site scripting...

CVSS 6.1 · AI score 4 · EPSS 0.00076
Exploits 0 · References 4
OSV
added 2023/07/11 6:15 p.m. · 1 views

CVE-2023-3626

A vulnerability, which was classified as critical, has been found in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System up to 20230706. This issue affects some unknown processing of the file /Duty/AjaxHandle/UpLoadFloodPlanFile.ashx of the component...

CVSS 9.8 · AI score 5.3
Exploits 0 · References 3
Veracode
added 2023/07/11 3:25 a.m. · 19 views

Arbitrary File Read

MechanicalSoup is vulnerable to Arbitrary File Read. The vulnerability is due to improper file path sanitization which allows an attacker to read arbitrary files on the web server using the tag inside an HTML form...

CVSS 7.5 · AI score 6.8 · EPSS 0.02902
Exploits 1 · References 4 · Affected software 1
CNNVD
added 2023/07/11 12:00 a.m. · 2 views

Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System code issue vulnerability

Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System is a flash flood prevention monitoring and early warning system from Suncreate. A code issue vulnerability exists in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System 20230706 and earli...

CVSS 9.8 · AI score 7 · EPSS 0.00114
Exploits 1 · References 4
IBM Security Bulletins
added 2023/07/07 3:22 p.m. · 28 views

Security Bulletin: IBM Engineering Workflow Management (EWM) vulnerability CVE-2023-3315

Summary: Vulnerability CVE-2023-3315 affects the Team Concert plugin of IBM Engineering Workflow Management (EWM). Vulnerability Details: CVEID: CVE-2023-3315. DESCRIPTION: Jenkins Team Concert could allow a remote authenticated attacker to obtain sensitive information, caused by improper permission...

CVSS 4.3 · AI score 4.1 · EPSS 0.00589
Exploits 0 · Affected software 1
OSV
added 2023/07/06 9:07 p.m. · 19 views

GHSA-WJ7Q-GJG8-3CPM: league/oauth2-server key exposed in exception message when passing as a string and providing an invalid pass phrase

Impact: Servers that passed their keys to the CryptKey constructor as a string instead of a file path will have had that key included in a LogicException message if they did not provide a valid pass phrase for the key where required. Patches: This issue has been patched so that the provided key is...

CVSS 8.2 · AI score 7.8 · EPSS 0.01767
Exploits 0 · References 6
Github Security Blog
added 2023/07/06 7:24 p.m. · 18 views

Apache Linkis Unrestricted File Upload vulnerability

In Apache Linkis <=1.3.1, the PublicService module uploads files without restrictions on the path to the uploaded files, and file types. We recommend users upgrade the version of Linkis to version 1.3.2. For versions <=1.3.1, we suggest turning on the file path check switch in linkis.properties...

CVSS 9.8 · AI score 6.8 · EPSS 0.01304
Exploits 0 · References 6 · Affected software 1
Prion
added 2023/07/06 4:15 p.m. · 19 views

Design/Logic Flaw

league/oauth2-server is an implementation of an OAuth 2.0 authorization server written in PHP. Starting in version 8.3.2 and prior to version 8.5.3, servers that passed their keys to the CryptKey constructor as a string instead of a file path will have had that key included in a LogicException...

CVSS 5 · AI score 7.5 · EPSS 0.01767
Exploits 0 · References 3 · Affected software 1
VulnCheck KEV
added 2023/07/05 12:00 a.m. · 2 views

VulnCheck KEV: CVE-2022-39952

An external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an unauthenticated attacker to execute unauthorized code or commands via...

CVSS 9.8 · AI score 7.5 · EPSS 0.93777
Exploits 7 · References 1
ATTACKERKB
added 2023/06/30 8:15 p.m. · 1 views

CVE-2023-27469

Malwarebytes Anti-Exploit 4.4.0.220 is vulnerable to arbitrary file deletion and denial of service via an ALPC message in which FullFileNamePath lacks a '\0' character...

CVSS 7.1 · AI score 7.2 · EPSS 0.00207
Exploits 0 · References 3
Prion
added 2023/06/30 8:15 p.m. · 16 views

Arbitrary file deletion

Malwarebytes Anti-Exploit 4.4.0.220 is vulnerable to arbitrary file deletion and denial of service via an ALPC message in which FullFileNamePath lacks a '\0' character...

CVSS 3.2 · AI score 6.9 · EPSS 0.00207
Exploits 0 · References 2 · Affected software 1
Positive Technologies
added 2023/06/30 12:00 a.m. · 3 views

PT-2023-19128 · WordPress · Wpgraphql

Name of the Vulnerable Software and Affected Versions: WPGraphQL versions 1.14.5 and earlier. Description: A Server-Side Request Forgery (SSRF) issue affects WPGraphQL, allowing authenticated users with media upload capabilities to execute the createMediaItem mutation and potentially gain unwarrante...

CVSS 6.5 · AI score 6.9 · EPSS 0.00174
Exploits 0 · References 10
CNNVD
added 2023/06/26 12:00 a.m. · 2 views

Tenable Network Security Nessus security vulnerability

Tenable Network Security Nessus is an open source system vulnerability scanner from Tenable Network Security, USA. A security vulnerability exists in Tenable Tenable.Io prior to 202306261202, Tenable Nessus prior to 202306261202, and Tenable Security Center prior to 202306261202, which originates...

CVSS 8.8 · AI score 7.9 · EPSS 0.00261
Exploits 0 · References 3
ATTACKERKB
added 2023/06/23 2:15 a.m. · 3 views

CVE-2023-36192

Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capturewscheckpacket at /src/capture.c...

CVSS 7.8 · AI score 7.4 · EPSS 0.00053
Exploits 1 · References 2
CNNVD
added 2023/06/23 12:00 a.m. · 1 views

WAVLINK WN579X3 injection vulnerability

WAVLINK WN579X3 is a wireless access point from China RuiYin Technology (WAVLINK). An injection vulnerability exists in Wavlink WN579X3 versions prior to 20230615; it stems from a problem in the file /cgi-bin/adm.cgi, where incorrect handling of the parameter pingIp can lead to injection...

CVSS 9.8 · AI score 5.8 · EPSS 0.80276
Exploits 1 · References 4
Snyk
added 2023/06/22 11:31 a.m. · 1 views

Arbitrary Argument Injection

Overview: Affected versions of this package are vulnerable to Arbitrary Argument Injection via the clone API, which allows specifying the remote URL to clone and the file on disk to clone to. The library does not sanitize user input or validate a given URL scheme, nor does it properly pass...

CVSS 6.9 · AI score 7.3 · EPSS 0.00041
Exploits 0 · References 2
Veracode
added 2023/06/22 6:54 a.m. · 11 views

Path Traversal

froxlor/froxlor is vulnerable to Path Traversal. The vulnerability exists due to a lack of file path validation in adminautoupdate.php, which allows an attacker to access files outside the expected directory and read arbitrary files through relative paths such as \..filename...

CVSS 7.2 · AI score 6.7 · EPSS 0.00263
Exploits 1 · References 4 · Affected software 1