3164 matches found

CNNVD
added 2021/11/04 12:0 a.m. | 1 view

Jenkins Access Control Error Vulnerability

Jenkins is an open source automation server. It provides hundreds of plug-ins to support building, deploying and automating any project. Jenkins has an access control error vulnerability that stems from FilePath#mkdirs create parent directory operation is n...

9.1 CVSS | 5.6 AI score | 0.00197 EPSS
Exploits: 0 | References: 18

Positive Technologies
added 2021/11/04 12:0 a.m. | 1 view

PT-2021-5384 · Jenkins · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.318 and earlier; Jenkins LTS versions 2.303.2 and earlier. Description: The issue is related to the FilePath#listFiles component of the Jenkins automation server, which lacks an authorization procedure. This can be exploited b...

9.3 CVSS | 8.8 AI score | 0.00528 EPSS
Exploits: 0 | References: 13

Positive Technologies
added 2021/11/04 12:0 a.m. | 1 view

PT-2021-5285 · Jenkins · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.318 and earlier, LTS versions 2.303.2 and earlier. Description: The issue is related to a bypass of the file path filtering mechanism in Jenkins, allowing an attacker to impact the confidentiality, integrity, and availabilit...

10 CVSS | 9.2 AI score | 0.00504 EPSS
Exploits: 0 | References: 15

Positive Technologies
added 2021/11/04 12:0 a.m. | 1 view

PT-2021-5284 · Jenkins · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.318 and earlier; Jenkins LTS versions 2.303.2 and earlier. Description: The issue is related to a lack of authorization procedure in the Jenkins automation server. This allows a remote attacker to create parent directories in...

9.4 CVSS | 9.1 AI score | 0.00197 EPSS
Exploits: 0 | References: 16

CNVD
added 2021/11/01 12:0 a.m. | 17 views

Huawei Emui and Magic UI Unauthorized File Access Vulnerability (CNVD-2021-83529)

Huawei Emui is a mobile operating system developed based on Android. Magic UI is a mobile operating system developed based on Android. A security vulnerability exists in Huawei Emui and Magic UI. An attacker can exploit the vulnerabilities to cause unauthorized file access by creating malicious fi...

7.5 CVSS | 7.6 AI score | 0.00151 EPSS
Exploits: 0 | References: 1

OSV
added 2021/10/31 8:15 p.m. | 1 view

CVE-2020-36378

An issue was discovered in the packageCmd function in shenzhim aaptjs 1.3.1, which allows attackers to execute arbitrary code via the filePath parameters...

9.8 CVSS | 7.6 AI score
Exploits: 0 | References: 1

OSV
added 2021/10/31 8:15 p.m. | 1 view

CVE-2020-36377

An issue was discovered in the dump function in shenzhim aaptjs 1.3.1, which allows attackers to execute arbitrary code via the filePath parameters...

9.8 CVSS | 6.1 AI score
Exploits: 0 | References: 1

OSV
added 2021/10/31 8:15 p.m. | 1 view

CVE-2020-26707

An issue was discovered in the add function in Shenzhim AAPTJS 1.3.1 which allows attackers to execute arbitrary code via the filePath parameter...

9.8 CVSS | 6.1 AI score | 0.01119 EPSS
Exploits: 1 | References: 1

Prion
added 2021/10/31 8:15 p.m. | 14 views

Code injection

An issue was discovered in the remove function in shenzhim aaptjs 1.3.1, which allows attackers to execute arbitrary code via the filePath parameters...

7.5 CVSS | 9.7 AI score | 0.01119 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2021/10/31 7:51 p.m. | 13 views

CVE-2020-36379

An issue was discovered in the remove function in shenzhim aaptjs 1.3.1, which allows attackers to execute arbitrary code via the filePath parameters...

9.7 AI score | 0.01119 EPSS
Exploits: 1 | References: 1

CNNVD
added 2021/10/31 12:0 a.m. | 1 view

Shenzhim Aaptjs OS Command Injection Vulnerability

aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the packageCmd function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...

9.8 CVSS | 6.9 AI score | 0.01119 EPSS
Exploits: 1 | References: 2

CNNVD
added 2021/10/31 12:0 a.m. | 1 view

Shenzhim Aaptjs OS Command Injection Vulnerability

aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the list function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...

9.8 CVSS | 6.9 AI score | 0.01119 EPSS
Exploits: 1 | References: 2

CNVD
added 2021/10/28 12:0 a.m. | 16 views

Mycodo path traversal vulnerability

Mycodo is an environment monitoring and conditioning system, used to couple inputs and outputs to sense and manipulate the environment. Mycodo is vulnerable to a path traversal vulnerability in versions prior to 8.12.7, which stems from a networked system or product failing to properly filter...

8.8 CVSS | 2.4 AI score | 0.00464 EPSS
Exploits: 0 | References: 1

Cvelist
added 2021/10/25 9:40 p.m. | 13 views

CVE-2021-39224 File path disclosure of shared files in OfficeOnline application

Nextcloud is an open-source, self-hosted productivity platform. The Nextcloud OfficeOnline application prior to version 1.1.1 returned verbatim exception messages to the user. This could result in a full path disclosure on shared files. e.g. an attacker could see that the file shared.txt is locat...

3.5 CVSS | 5.4 AI score | 0.00211 EPSS
Exploits: 0 | References: 2

Cvelist
added 2021/10/25 9:35 p.m. | 17 views

CVE-2021-39223 File path disclosure of shared files in Richdocuments application

Nextcloud is an open-source, self-hosted productivity platform. The Nextcloud Richdocuments application prior to versions 3.8.6 and 4.2.3 returned verbatim exception messages to the user. This could result in a full path disclosure on shared files. e.g. an attacker could see that the file...

4.8 CVSS | 5.4 AI score | 0.0035 EPSS
Exploits: 0 | References: 3

Exploit DB
added 2021/10/06 12:0 a.m. | 296 views

Wordpress Plugin BulletProof Security 5.1 - Sensitive Information Disclosure

Exploit Title: Wordpress Plugin BulletProof Security 5.1 - Sensitive Information Disclosure; Date: 04.10.2021; Exploit Author: Ron Jost Hacker5preme; Vendor Homepage: https://forum.ait-pro.com/read-me-first/; Software Link: https://downloads.wordpress.org/plugin/bulletproof-security.5.1.zip; Version: =...

5.3 CVSS | 5.7 AI score | 0.90941 EPSS
Exploits: 7

Prion
added 2021/09/28 9:15 p.m. | 11 views

Design/Logic Flaw

JWT is a library to work with JSON Web Token and JSON Web Signature. Prior to versions 3.4.6, 4.0.4, and 4.1.5, users of HMAC-based algorithms HS256, HS384, and HS512 combined with Lcobucci\JWT\Signer\Key\LocalFileReference as key are having their tokens issued/validated using the file path as...

2.1 CVSS | 4.1 AI score | 0.00034 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

Friends Of PHP
added 2021/09/28 7:36 p.m. | 15 views

CVE-2021-41106: File reference keys leads to incorrect hashes on HMAC algorithms

Description / Impact: Users of HMAC-based algorithms HS256, HS384, and HS512 combined with Lcobucci\JWT\Signer\Key\LocalFileReference as key are having their tokens issued/validated using the file path as hashing key - instead of the contents. The HMAC hashing functions take any string as input and,...

2.1 CVSS | 0.2 AI score | 0.00034 EPSS
Exploits: 0 | Affected Software: 1

OSV
added 2021/09/28 3:15 p.m. | 2 views

CVE-2021-37105

There is an improper file upload control vulnerability in FusionCompute 6.5.0, 6.5.1 and 8.0.0. Due to the improper verification of file to be uploaded and does not strictly restrict the file access path, attackers may upload malicious files to the device, resulting in the service abnormal...

7.5 CVSS | 5.7 AI score
Exploits: 0 | References: 1

CNNVD
added 2021/09/28 12:0 a.m. | 2 views

Lcobucci jwt Data Forgery Vulnerability

Jwt is a simple library that uses Json Web Token and Json Web Signature. Lcobucci jwt is vulnerable to a data forgery issue that stems from a failure to validate data in the product based on the hmac algorithm using a file path as a hash key to validate the token. An attacker could initiate a...

4.4 CVSS | 5 AI score | 0.00034 EPSS
Exploits: 0 | References: 3