
3164 matches found

CNNVD
added 2022/12/15 12:0 a.m. · 2 views

Soil Cross-Site Scripting Vulnerability

Soil is an open source WordPress plugin from Roots, used to apply theme-independent front-end modifications. A cross-site scripting vulnerability exists in Soil versions prior to 4.1.0, which originates in the function languageattributes in the file src/Modules/CleanUpModule.php, where manipulation of...

CVSS 6.1 · AI score 4.3 · EPSS 0.00269
Exploits 0 · References 6
CNNVD
added 2022/12/15 12:0 a.m. · 1 views

Apple iOS Security Vulnerability

Apple iOS is an operating system developed by Apple Inc. for mobile devices. A security vulnerability exists in Apple iOS versions prior to 16, which stems from a problem with the path to a file used to store website data, and can be exploited by an attacker to access browsing history. The...

CVSS 5.3 · AI score 6.8 · EPSS 0.00298
Exploits 0 · References 4
WPVulnDB
added 2022/12/12 12:0 a.m. · 22 views

Wholesale Market < 2.2.1 - Unauthenticated Arbitrary File Download

The plugin does not have an authorisation check and does not validate user input used to generate a system path, allowing unauthenticated attackers to download arbitrary files from the server. PoC 1. Install woocommerce dependency, no setup required 2. Install the vulnerable plugin...

CVSS 9.8 · AI score 2.6 · EPSS 0.55741
Exploits 2 · Affected Software 1
OSV
added 2022/12/07 1:15 a.m. · 17 views

CVE-2022-45918

ILIAS before 7.16 allows External Control of File Name or Path...

CVSS 6.5 · AI score 6.9
Exploits 0 · References 3
Prion
added 2022/12/07 1:15 a.m. · 16 views

Path traversal

ILIAS before 7.16 allows External Control of File Name or Path...

CVSS 4 · AI score 6.5 · EPSS 0.01174
Exploits 3 · References 3 · Affected Software 1
Positive Technologies
added 2022/12/07 12:0 a.m. · 3 views

PT-2022-27685 · Ilias · Ilias

Name of the Vulnerable Software and Affected Versions: ILIAS versions prior to 7.16 Description: The issue allows for external control of file name or path. Recommendations: For versions prior to 7.16, update to version 7.16 or later to resolve the issue...

CVSS 6.5 · AI score 6.5 · EPSS 0.01174
Exploits 3 · References 9
CVE
added 2022/12/07 12:0 a.m. · 67 views

CVE-2022-45918

CVE-2022-45918 affects ILIAS eLearning platform prior to 7.16. The vulnerability is External Control of File Name or Path, with upstream advisories and Red Hat corroborating that versions

CVSS 6.5 · AI score 6.7 · EPSS 0.01174
Exploits 3 · References 3 · Affected Software 1
Packet Storm
added 2022/12/06 12:0 a.m. · 262 views

Senayan Library Management System 9.5.1 SQL Injection

Title: Senayan Library Management System v9.5.1 a.k.a SLIMS 9 SQLi Author: nu11secur1ty Date: 12.06.2022 Vendor: https://slims.web.id/web/ Software: https://slims.web.id/web/news/rilis-9.5.1/ Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/slims.web.id/SLIMS-9.5.1...

AI score 0.4
Exploits 0
CNNVD
added 2022/12/03 12:0 a.m. · 1 views

xsjczx Shaoxing Background Management System SQL Injection Vulnerability

The xsjczx Shaoxing Background Management System is a background management system from the Chinese company xsjczx punctuation information technology. A SQL injection vulnerability exists in xsjczx Shaoxing Background Management System, which originates from unknown code in the file /Default/Bd,...

CVSS 9.8 · AI score 8.5 · EPSS 0.0031
Exploits 1 · References 3
NVD
added 2022/11/25 7:15 p.m. · 9 views

CVE-2022-41158

Remote code execution vulnerability can be achieved by using cookie values as paths to a file by this builder program. A remote attacker could exploit the vulnerability to execute or inject malicious code...

CVSS 9.8 · EPSS 0.05426
Exploits 0 · References 1
OSV
added 2022/11/23 4:15 p.m. · 0 views

CVE-2022-44139

Apartment Visitor Management System v1.0 is vulnerable to SQL Injection via /avms/index.php...

CVSS 9.8 · AI score 5.8 · EPSS 0.00264
Exploits 1 · References 1
RedHat Linux
added 2022/11/21 12:51 p.m. · 2 views

Mozilla: Symlinks may resolve to partially uninitialized buffers

The Mozilla Foundation Security Advisory describes this flaw as: When resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing uninitialized memory in the buffer...

CVSS 8.8 · AI score 7.2 · EPSS 0.00212
Exploits 0 · References 6
RedHat Linux
added 2022/11/21 12:37 p.m. · 3 views

Mozilla: Symlinks may resolve to partially uninitialized buffers

The Mozilla Foundation Security Advisory describes this flaw as: When resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing uninitialized memory in the buffer...

CVSS 8.8 · AI score 7.2 · EPSS 0.00212
Exploits 0 · References 6
Cvelist
added 2022/11/17 12:0 a.m. · 13 views

CVE-2022-44725

OPC Foundation Local Discovery Server LDS through 1.04.403.478 uses a hard-coded file path to a configuration file. This allows a normal user to create a malicious file that is loaded by LDS running as a high-privilege user...

AI score 7.7 · EPSS 0.00078
Exploits 0 · References 2
Tenable Nessus
added 2022/10/31 12:0 a.m. · 46 views

GLSA-202210-24 : FreeRDP: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202210-24 FreeRDP: Multiple Vulnerabilities - FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. All FreeRDP clients prior to version 2.4.1 using gateway connections /gt:rpc fai...

CVSS 9.8 · AI score 6.6 · EPSS 0.01266
Exploits 1 · References 10
Vulnrichment
added 2022/10/28 12:0 a.m. · 5 views

CVE-2021-35387

Hospital Management System v 4.0 is vulnerable to SQL Injection via file:hospital/hms/admin/view-patient.php...

AI score 9.1 · EPSS 0.00741
Exploits 1 · References 2
Hacker One
added 2022/10/18 6:36 p.m. · 45 views

Nextcloud: CSRF vulnerability in Nextcloud Desktop Client 3.6.1 on Windows when clicking malicious link

Summary It is possible to make a user send any POST request with an arbitrary body given they click on a malicious deep link. e.g. in an email, chat link, etc This vulnerability was introduced in an attempt to fix 1720043. The patch however can be bypassed and also introduced a CSRF vulnerability...

CVSS 6.8 · AI score 8.7 · EPSS 0.00104
Exploits 0
CNVD
added 2022/10/14 12:0 a.m. · 17 views

Dell GeoDrive Path Traversal Vulnerability

Dell GeoDrive is a free application from Dell, Inc. It provides access to Dell EMC ECS and Atmos storage from Microsoft Windows desktops and servers. A path traversal vulnerability exists in Dell GeoDrive versions prior to 2.2.3. The vulnerability stems from a failure of a networked system or...

CVSS 7.1 · AI score 7 · EPSS 0.0004
Exploits 0 · References 1
NVD
added 2022/10/13 11:15 a.m. · 12 views

CVE-2021-20030

SonicWall GMS is vulnerable to file path manipulation resulting that an unauthenticated attacker can gain access to web directory containing application's binaries and configuration files...

CVSS 7.5 · EPSS 0.01141
Exploits 0 · References 1
Prion
added 2022/10/13 11:15 a.m. · 8 views

Design/Logic Flaw

SonicWall GMS is vulnerable to file path manipulation resulting that an unauthenticated attacker can gain access to web directory containing application's binaries and configuration files...

CVSS 5 · AI score 7.7 · EPSS 0.01141
Exploits 0 · References 1 · Affected Software 1