
3164 matches found

CNNVD
added 2022/02/17 12:00 a.m., 1 view

JerryScript security vulnerability

JerryScript is a lightweight JavaScript engine from the JerryScript project. JerryScript has a security vulnerability that stems from an assertion failure in /js/js-parser.c in JerryScript commit a6ab5e9...

5.5 CVSS, 5.7 AI score, 0.00244 EPSS
Exploits 1, References 3
Exploit DB
added 2022/02/16 12:00 a.m., 338 views

WordPress Plugin Error Log Viewer 1.1.1 - Arbitrary File Clearing (Authenticated)

Exploit Title: WordPress Plugin Error Log Viewer 1.1.1 - Arbitrary File Clearing (Authenticated) Date: 09-11-2021 Exploit Author: Ceylan Bozogullarindan Exploit Website: https://bozogullarindan.com Vendor Homepage: https://bestwebsoft.com/ Software Link:...

4.9 CVSS, 5.2 AI score, 0.05178 EPSS
Exploits 5
ATTACKERKB
added 2022/02/10 11:15 p.m., 4 views

CVE-2022-24646

Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/contact.php via the txtMsg parameter...

7.8 CVSS, 7.2 AI score, 0.00358 EPSS
Exploits 1, References 4
Github Security Blog
added 2022/02/09 12:58 a.m., 46 views

Path Traversal

A vulnerability was found in Keycloak where path traversal using URL-encoded path segments in the request is possible, because the resources endpoint applies a transformation of the URL path to the file path. Only a few specific folder hierarchies can be exposed by this flaw...

7.5 CVSS, 2.6 AI score, 0.00384 EPSS
Exploits 0, References 3, Affected Software 1
CNVD
added 2022/02/09 12:00 a.m., 18 views

iTunesRPC-Remastered OS Command Injection Vulnerability

iTunesRPC-Remastered is a Discord rich presence application used with iTunes and Apple Music. iTunesRPC-Remastered suffers from an operating system command injection vulnerability that stems from iTunesRPC-Remastered not properly sanitizing the image file path. An attacker could exploit this...

9.8 CVSS, 3.9 AI score, 0.01848 EPSS
Exploits 0, References 1
CNNVD
added 2022/02/07 12:00 a.m., 3 views

WordPress Plugin RVM code issue vulnerability

WordPress is the WordPress Foundation's blogging platform developed in PHP. WordPress plugins are open source application plugins for WordPress. A cross-site request forgery vulnerability exists in the WordPress RVM plugin, which originates from the rvmuploadfilepath parameter in the produ...

6.5 CVSS, 6.5 AI score, 0.10223 EPSS
Exploits 2, References 2
CNNVD
added 2022/02/04 12:00 a.m., 0 views

iTunesRPC-Remastered operating system command injection vulnerability

iTunesRPC-Remastered is a Discord rich presence application used with iTunes and Apple Music. iTunesRPC-Remastered suffers from an operating system command injection vulnerability that stems from iTunesRPC-Remastered not properly sanitizing the image file path. An attacker could exploit this...

9.8 CVSS, 5.8 AI score, 0.01848 EPSS
Exploits 0, References 3
OSV
added 2022/02/03 4:54 p.m., 0 views

USN-5030-2 libdbi-perl vulnerabilities

USN-5030-1 addressed vulnerabilities in the Perl DBI module. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: It was discovered that the Perl DBI module incorrectly opened files outside of the folder specified in the data source name. A remote attacker...

7.1 CVSS, 6.9 AI score, 0.00123 EPSS
Exploits 1, References 3
Ubuntu
added 2022/02/01 5:55 p.m., 198 views

USN-5261-1: Phusion Passenger vulnerabilities

It was discovered that Phusion Passenger incorrectly handled a file path in the application root folder. An attacker could possibly use this issue to read arbitrary files. CVE-2017-16355 It was discovered that Phusion Passenger had a race condition in the nginx module that could be used to perfor...

7 CVSS, 6.7 AI score, 0.00136 EPSS
Exploits 0
Cvelist
added 2022/02/01 11:49 a.m., 12 views

CVE-2022-23597 Remote program execution with user interaction

Element Desktop is a Matrix client for desktop platforms with Element Web at its core. Element Desktop before 1.9.7 is vulnerable to a remote program execution bug with user interaction. The exploit is non-trivial and requires clicking on a malicious link, followed by another button click. To the...

8.3 CVSS, 9 AI score, 0.00417 EPSS
Exploits 0, References 2
CNNVD
added 2022/02/01 12:00 a.m., 0 views

Element Desktop resource management error vulnerability

Element Desktop is Element's open source Matrix desktop client built around Element Web. A resource management error vulnerability exists in Element Desktop that can be exploited by an attacker to specify the path to a binary file on the victim's computer...

8.8 CVSS, 7.9 AI score, 0.00417 EPSS
Exploits 0, References 3
OpenVAS
added 2022/01/28 12:00 a.m., 20 views

Mageia: Security Advisory (MGASA-2018-0047)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1 CVSS, 7.2 AI score, 0.04711 EPSS
Exploits 0, References 6
OSV
added 2022/01/20 10:15 p.m., 1 view

CVE-2021-46331

Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability via xs/sources/xsProxy.c in fxProxyGetPrototype...

5.5 CVSS, 6.1 AI score, 0.00165 EPSS
Exploits 1, References 1
wpexploit
added 2022/01/12 12:00 a.m., 568 views

WP Ultimate CSV Importer < 6.4.1 - Subscriber+ Arbitrary File Upload

The plugin does not have authorisation and CSRF checks when uploading zip files via the zipupload AJAX call, and does not perform any check on the files to be extracted. As a result, any authenticated user, such as a subscriber, could upload an archive with PHP files in it, leading to RCE. As any...

7.2 AI score
Exploits 0, References 1
NVD
added 2022/01/10 2:11 p.m., 13 views

CVE-2021-46165

Zoho ManageEngine Desktop Central before 10.0.662, during startup, launches an executable file from the batch files, but this file's path might not be properly defined...

7.8 CVSS, 0.00104 EPSS
Exploits 0, References 1
CNVD
added 2022/01/06 12:00 a.m., 23 views

Apache James path traversal vulnerability

Apache James is an open source SMTP and POP3 mail transfer agent and NNTP news server written entirely in Java by the Apache Foundation. Apache James version 3.6.1 contains a path traversal vulnerability that stems from a failure of a networked system or product to properly filter special...

9.1 CVSS, 3.2 AI score, 0.02773 EPSS
Exploits 0, References 1
CNVD
added 2022/01/06 12:00 a.m., 25 views

Django path traversal vulnerability (CNVD-2022-31938)

Django is the Django Foundation's Python-based open source web application framework. The framework includes an object-relational mapper, view system, template system, etc. Django version 2.2 before 2.2.26, 3.2.11 before 3.2.2, and 4.0.1 before 4.0.0 contains a path traversal...

5.3 CVSS, 3.7 AI score, 0.00238 EPSS
Exploits 0, References 1
OSV
added 2021/12/21 12:15 p.m., 2 views

CVE-2021-45255

The email parameter from ajax.php of Video Sharing Website 1.0 appears to be vulnerable to SQL injection attacks. A payload injects a SQL sub-query that calls MySQL's loadfile function with a UNC file path that references a URL on an external domain. The application interacted with that domain,...

9.8 CVSS, 5.8 AI score, 0.00263 EPSS
Exploits 1, References 1
NVD
added 2021/12/21 12:15 p.m., 5 views

CVE-2021-45253

The id parameter in viewstorage.php from Simple Cold Storage Management System 1.0 appears to be vulnerable to SQL injection attacks. A payload injects a SQL sub-query that calls MySQL's loadfile function with a UNC file path that references a URL on an external domain. The application interacted...

9.8 CVSS, 0.00264 EPSS
Exploits 1, References 1
Cvelist
added 2021/12/21 11:23 a.m., 10 views

CVE-2021-45253

The id parameter in viewstorage.php from Simple Cold Storage Management System 1.0 appears to be vulnerable to SQL injection attacks. A payload injects a SQL sub-query that calls MySQL's loadfile function with a UNC file path that references a URL on an external domain. The application interacted...

9.9 AI score, 0.00264 EPSS
Exploits 1, References 1