3164 matches found

NVD
added 2021/09/01 3:15 p.m. · 9 views

CVE-2021-23428

This affects all versions of package elFinder.NetCore. The Path.Combine... method is used to create an absolute file path. Due to missing sanitation of the user input and a missing check of the generated path, it is possible to escape the Files directory via path traversal...

CVSS 9.8 · EPSS 0.00754
Exploits: 0 · References: 3

Prion
added 2021/09/01 3:15 p.m. · 10 views

Path traversal

This affects all versions of package elFinder.NetCore. The Path.Combine... method is used to create an absolute file path. Due to missing sanitation of the user input and a missing check of the generated path, it is possible to escape the Files directory via path traversal...

CVSS 7.5 · AI score 9.4 · EPSS 0.00754
Exploits: 0 · References: 3

Cvelist
added 2021/09/01 2:30 p.m. · 10 views

CVE-2021-23428 Directory Traversal

This affects all versions of package elFinder.NetCore. The Path.Combine... method is used to create an absolute file path. Due to missing sanitation of the user input and a missing check of the generated path, it is possible to escape the Files directory via path traversal...

CVSS 8.6 · AI score 9.7 · EPSS 0.00754
Exploits: 0 · References: 3

OSV
added 2021/08/31 6:15 p.m. · 0 views

CVE-2021-36233

The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows by design an authenticated attacker to read arbitrary files from the filesystem by specifying the file path...

CVSS 6.5 · AI score 5.9
Exploits: 0 · References: 1

OSV
added 2021/08/16 7:15 p.m. · 2 views

CVE-2021-34651

The Scribble Maps WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the map parameter in the /includes/admin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2...

CVSS 6.1 · AI score 5.8 · EPSS 0.0021
Exploits: 1 · References: 2

CNNVD
added 2021/08/04 12:00 a.m. · 2 views

Cisco Packet Tracer Code Issue Vulnerability

Cisco Packet Tracer is a cross-platform visual emulation tool that allows users to create network topologies and emulate computer networks. The vulnerability can be exploited to execute arbitrary code on the affected system with the privileges of another user account by inserting a configuration...

CVSS 7.3 · AI score 6.2 · EPSS 0.00051
Exploits: 0 · References: 4

Positive Technologies
added 2021/07/29 12:00 a.m. · 3 views

PT-2021-10786 · Flatpress · Flatpress

Name of the Vulnerable Software and Affected Versions: FlatPress version 1.1. Description: A Cross-Site Request Forgery (CSRF) issue exists, allowing unauthorized actions. The DeleteFile function in flat/admin.php is affected. Recommendations: For FlatPress version 1.1, consider disabling the...

CVSS 8.8 · AI score 8.7 · EPSS 0.00156
Exploits: 1 · References: 4

ATTACKERKB
added 2021/07/28 4:03 p.m. · 0 views

CVE-2021-23415

This affects the package elFinder.AspNet before 1.1.1. The user-controlled file name is not properly sanitized before it is used to create a file system path...

CVSS 7.5 · AI score 5.4 · EPSS 0.00436
Exploits: 1 · References: 3

Prion
added 2021/07/25 10:15 p.m. · 15 views

Path traversal

NCH FlexiServer v6.00 suffers from a syslog?file=/.. path traversal vulnerability...

CVSS 4 · AI score 6.5 · EPSS 0.00382
Exploits: 1 · References: 2 · Affected Software: 1

0day.today
added 2021/07/21 12:00 a.m. · 124 views

KevinLAB BEMS 1.0 Authenticated File Path Traversal / Information Disclosure Vulnerabilities

KevinLAB BEMS version 1.0 suffers from an authenticated arbitrary file disclosure vulnerability. Input passed through the page GET parameter in index.php is not properly verified before being used to include files. This can be exploited to disclose the contents of arbitrary and sensitive files vi...

AI score 0.3
Exploits: 0

Packet Storm
added 2021/07/20 12:00 a.m. · 227 views

KevinLAB BEMS 1.0 Authenticated File Path Traversal / Information Disclosure

KevinLAB BEMS 1.0 Authenticated File Path Traversal Information Disclosure Vendor: KevinLAB Inc. Product web page: http://www.kevinlab.com Affected version: 4ST L-BEMS 1.0.0 Building Energy Management System Summary: KevinLab is a venture company specialized in IoT, Big Data, A.I based energy...

AI score 0.2
Exploits: 0

Zero Science Lab
added 2021/07/20 12:00 a.m. · 283 views

KevinLAB BEMS 1.0 Authenticated File Path Traversal Information Disclosure

Summary: KevinLab is a venture company specialized in IoT, Big Data, A.I based energy management platform. KevinLAB's BEMS (Building Energy Management System) enables efficient energy management in buildings. It improves the efficiency of energy use by collecting and analyzing various information of...

CVSS 6.5 · AI score 6.2 · EPSS 0.00446
Exploits: 2

CNNVD
added 2021/07/15 12:00 a.m. · 1 views

Dell Wyse Management Suite Information Disclosure Vulnerability

Dell Wyse Management Suite is a scalable solution for managing and optimizing Wyse endpoints from Dell USA. The product includes centralized management of Wyse endpoints, asset tracking and automated device discovery. A security vulnerability exists in Wyse Management Suite 3.2 and prior...

CVSS 5.3 · AI score 5.6 · EPSS 0.05402
Exploits: 0 · References: 1

ATTACKERKB
added 2021/07/14 4:38 p.m. · 2 views

CVE-2021-23407

This affects the package elFinder.Net.Core from 0 and before 1.2.4. The user-controlled file name is not properly sanitized before it is used to create a file system path...

CVSS 7.5 · AI score 5.4 · EPSS 0.00532
Exploits: 1 · References: 4

Cvelist
added 2021/07/12 9:45 p.m. · 18 views

CVE-2021-32734 File path disclosure of shared files in Nextcloud Text application

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, the Nextcloud Text application shipped with Nextcloud Server returned verbatim exception messages to the user. This could result in a full path disclosure on shared files. The issu...

CVSS 3.1 · AI score 7.2 · EPSS 0.00326
Exploits: 0 · References: 4

Nextcloud
added 2021/07/12 9:23 a.m. · 27 views

File path disclosure of shared files in Nextcloud Text application

None...

CVSS 5.3 · AI score 5.4 · EPSS 0.00326
Exploits: 0 · References: 2 · Affected Software: 1

CNNVD
added 2021/07/08 12:00 a.m. · 2 views

MDT AutoSave Path Traversal Vulnerability

MDT AutoSave is a software application. It provides an automated change management function. A path traversal vulnerability exists in MDT Autosave. An attacker could exploit this vulnerability to allow a specified path to be changed to another path, causing an existing file to be replaced with a...

CVSS 7.5 · AI score 7.4 · EPSS 0.00298
Exploits: 0 · References: 5

Prion
added 2021/07/07 2:15 p.m. · 10 views

Directory traversal

QSAN Storage Manager through directory listing vulnerability in antivirus function allows remote authenticated attackers to list arbitrary directories by injecting file path parameter. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3...

CVSS 4 · AI score 4.6 · EPSS 0.00121
Exploits: 0 · References: 1 · Affected Software: 1

Hacker One
added 2021/06/28 5:37 p.m. · 156 views

Nextcloud: Text app leaks file path of shared files

By sending a request for a share without a README.md, the whole file path will be returned to the user: PUT /apps/text/public/session/create?token=EHTs4P7kATowiMg HTTP/1.1 Host: cloud.nextcloud.com User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10.15; rv:89.0 Gecko/20100101 Firefox/89.0 Accept...

CVSS 5 · AI score 6.2 · EPSS 0.00326
Exploits: 0

CNNVD
added 2021/06/28 12:00 a.m. · 1 views

Chamilo LMS SQL Injection Vulnerability

Chamilo is a learning management system focused on ease of use and accessibility. A SQL injection vulnerability exists in main/inc/ajax/model.ajax.php in Chamilo 1.11.14 and earlier versions. The vulnerability can be exploited by an attacker to conduct a SQL injection attack via the searchField,...

CVSS 9.8 · AI score 5.9 · EPSS 0.89487
Exploits: 1 · References: 5