3164 matches found

Positive Technologies
added 2023/04/29 12:0 a.m. · 4 views

PT-2023-2981 · D Link · D-Link Dir-300

Name of the Vulnerable Software and Affected Versions: D-Link DIR-300 firmware versions =REVA1.06 and =REVB2.06 Description: The issue is related to incorrect external control of a file name or path in the /model/ lang msg.php script of the D-Link DIR-300 router's firmware. This can be exploited ...

CVSS 9.8 · AI score 7.1 · EPSS 0.00675
Exploits 0 · References 5

Positive Technologies
added 2023/04/28 12:0 a.m. · 2 views

PT-2023-19139 · Unknown · Sourcecodester Online Dj Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online DJ Management System version 1.0 Description: A critical vulnerability has been found in the SourceCodester Online DJ Management System. The issue affects an unknown function of the file admin/events/manage event.php,...

CVSS 9.8 · AI score 6.7 · EPSS 0.00263
Exploits 1 · References 7

Github Security Blog
added 2023/04/26 9:30 p.m. · 52 views

Access bypass in Drupal core

The file download facility doesn't sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they should not have access to. Some sites may require configuration changes following this security release. Review the release notes for your...

CVSS 6.5 · AI score 6.6 · EPSS 0.00361
Exploits 0 · References 3 · Affected Software 1

OSV
added 2023/04/26 7:15 p.m. · 0 views

UBUNTU-CVE-2023-31250

The file download facility doesn't sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they should not have access to. Some sites may require configuration changes following this security release. Review the release notes for your...

CVSS 6.5 · AI score 6.6 · EPSS 0.00361
Exploits 0 · References 3

OSV
added 2023/04/21 11:15 a.m. · 1 views

CVE-2023-2216

A vulnerability classified as problematic was found in Campcodes Coffee Shop POS System 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Users.php. The manipulation of the argument firstname leads to cross site scripting. The attack can be launched remotely. Th...

CVSS 6.1 · AI score 3.8
Exploits 0 · References 3

OSV
added 2023/04/19 10:15 p.m. · 2 views

UBUNTU-CVE-2021-3429

When instructing cloud-init to set a random password for a new user account, versions before 21.2 would write that password to the world-readable log file /var/log/cloud-init-output.log. This could allow a local user to log in as another user...

CVSS 5.5 · AI score 5.8 · EPSS 0.00061
Exploits 0 · References 2

OSV
added 2023/04/12 12:0 a.m. · 1 views

UBUNTU-CVE-2023-29538

Under specific circumstances a WebExtension may have received a jar:file:/// URI instead of a moz-extension:/// URI during a load request. This leaked directory paths on the user's machine. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

CVSS 4.3 · AI score 6.2 · EPSS 0.0034
Exploits 0 · References 4

Prion
added 2023/04/11 9:15 a.m. · 15 views

Design/Logic Flaw

WAB-MAT Ver.5.0.0.8 and earlier starts another program with an unquoted file path. Since a registered Windows service path contains spaces and is unquoted, if a malicious executable is placed on a certain path, the executable may be executed with the privilege of the Windows service...

CVSS 4.1 · AI score 7.2 · EPSS 0.00057
Exploits 0 · References 2 · Affected Software 1

Cvelist
added 2023/04/11 12:0 a.m. · 15 views

CVE-2023-22282

WAB-MAT Ver.5.0.0.8 and earlier starts another program with an unquoted file path. Since a registered Windows service path contains spaces and is unquoted, if a malicious executable is placed on a certain path, the executable may be executed with the privilege of the Windows service...

AI score 7.4 · EPSS 0.00057
Exploits 0 · References 2

CVE
added 2023/04/11 12:0 a.m. · 60 views

CVE-2023-22282

WAB-MAT Ver.5.0.0.8 and earlier registers its Windows service executable with an unquoted file path. If a malicious executable is placed on the unquoted path, it may be executed with the privilege of the Windows service, enabling local privilege escalation. Affected software: ELECOM WAB-MAT (Wind...

CVSS 7.3 · AI score 7.2 · EPSS 0.00057
Exploits 0 · References 2 · Affected Software 1

CNNVD
added 2023/04/11 12:0 a.m. · 2 views

Online Computer and Laptop Store SQL injection vulnerability

Online Computer and Laptop Store is an online computer and laptop store by individual developer Carlo Montero. Online Computer and Laptop Store v1.0 has a SQL injection vulnerability in the file /classes/Master.php?f=updateorderstatus, where the parameter id of the function...

CVSS 7.2 · AI score 8.2 · EPSS 0.00418
Exploits 1 · References 4

Vulnrichment
added 2023/04/11 12:0 a.m. · 7 views

CVE-2023-22282

WAB-MAT Ver.5.0.0.8 and earlier starts another program with an unquoted file path. Since a registered Windows service path contains spaces and is unquoted, if a malicious executable is placed on a certain path, the executable may be executed with the privilege of the Windows service...

AI score 7.2 · EPSS 0.00057
Exploits 0 · References 2

NVD
added 2023/04/10 8:15 a.m. · 10 views

CVE-2023-27602

In Apache Linkis =1.3.1, The PublicService module uploads files without restrictions on the path to the uploaded files, and file types. We recommend users upgrade the version of Linkis to version 1.3.2. For versions =1.3.1, we suggest turning on the file path check switch in linkis.properties...

CVSS 9.8 · AI score 9.4 · EPSS 0.01304
Exploits 0 · References 4

Vulnrichment
added 2023/04/10 7:36 a.m. · 11 views

CVE-2023-27602 Apache Linkis publicsercice module unrestricted upload of file

In Apache Linkis =1.3.1, The PublicService module uploads files without restrictions on the path to the uploaded files, and file types. We recommend users upgrade the version of Linkis to version 1.3.2. For versions =1.3.1, we suggest turning on the file path check switch in linkis.properties...

AI score 9.5 · EPSS 0.01304
Exploits 0 · References 4

CNNVD
added 2023/04/10 12:0 a.m. · 1 views

Apache Linkis code issue vulnerability

Apache Linkis is a library from the U.S.-based Apache Foundation that helps to easily connect various backend compute/storage engines. An arbitrary file upload vulnerability exists in Apache Linkis 1.3.1 and earlier versions, which stems from the PublicService module uploading files without restrictio...

CVSS 9.8 · AI score 7.8 · EPSS 0.01304
Exploits 0 · References 5

Positive Technologies
added 2023/04/05 12:0 a.m. · 3 views

PT-2023-13054 · Osticket · Osticket

Name of the Vulnerable Software and Affected Versions: osTicket osTicket-plugins versions prior to commit a7842d494889fd5533d13deb3c6a7789768795ae Description: The issue is a Cross Site Scripting XSS vulnerability in the audit/templates/auditlogs.tmpl.php file. This vulnerability can be exploited...

CVSS 6.1 · AI score 5.9 · EPSS 0.00758
Exploits 1 · References 6

Exploit DB
added 2023/04/03 12:0 a.m. · 201 views

ChiKoi v1.0 - SQL Injection

Title: ChiKoi-1.0 SQLi Author: nu11secur1ty Date: 01.12.2023 Vendor: https://chikoiquan.tanhongit.com/ Software: https://github.com/tanhongit/new-mvc-shop/releases/tag/v1.0 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/tanhongit/2023/ChiKoi Description: The...

AI score 7.4
Exploits 0

0day.today
added 2023/04/03 12:0 a.m. · 348 views

ManageEngine Access Manager Plus 4.3.0 - File-path-traversal Vulnerability

Exploit Title: ManageEngine Access Manager Plus 4.3.0 - File-path-traversal Author: nu11secur1ty Vendor: https://www.manageengine.com/ Software: https://www.manageengine.com/privileged-session-management/download.html Reference:...

AI score 7.1
Exploits 0

OSV
added 2023/03/29 12:15 a.m. · 3 views

CVE-2023-1682

A vulnerability has been found in Xunrui CMS 4.61 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /dayrui/My/Config/Install.txt. The manipulation leads to direct request. The attack can be launched remotely. The exploit has been disclosed to t...

CVSS 7.5 · AI score 4.8
Exploits 0 · References 3

Positive Technologies
added 2023/03/28 12:0 a.m. · 3 views

PT-2023-17165 · Xunruicms · Xunruicms

Name of the Vulnerable Software and Affected Versions: Xunrui CMS version 4.61 Description: A vulnerability has been found in an unknown functionality of the file /dayrui/My/Config/Install.txt. The manipulation leads to direct request. The attack can be launched remotely. Recommendations: For...

CVSS 7.5 · AI score 4.9 · EPSS 0.00291
Exploits 1 · References 9