Lucene search

3163 matches found

OSV
added 2018/10/31 4:29 p.m. · 0 views

CVE-2018-13281

Information exposure vulnerability in SYNO.Core.ACL in Synology DiskStation Manager DSM before 6.2-23739-2 allows remote authenticated users to determine the existence and obtain the metadata of arbitrary files via the filepath parameter...

CVSS 4.3 · AI score 5.9
Exploits: 0 · References: 1

ATTACKERKB
added 2018/10/31 4:29 p.m. · 2 views

CVE-2018-13281

Information exposure vulnerability in SYNO.Core.ACL in Synology DiskStation Manager DSM before 6.2-23739-2 allows remote authenticated users to determine the existence and obtain the metadata of arbitrary files via the filepath parameter...

CVSS 4.3 · AI score 5.8 · EPSS 0.00133
Exploits: 0 · References: 2

Positive Technologies
added 2018/10/31 12:0 a.m. · 2 views

PT-2018-11724 · Synology · Synology Diskstation Manager

Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 6.2-23739-2 Description: The issue allows remote authenticated users to determine the existence and obtain the metadata of arbitrary files via the file path parameter. This is related to an...

CVSS 4.3 · AI score 6.8 · EPSS 0.00133
Exploits: 0 · References: 3

Veracode
added 2018/10/25 5:21 a.m. · 19 views

Remote Code Execution (RCE)

salt is vulnerable to remote code execution (RCE) attacks. The vulnerability exists due to the improper processing of spaces in the file path, which may allow RCE attacks...

CVSS 9.8 · AI score 9.5 · EPSS 0.00556
Exploits: 0 · References: 9 · Affected Software: 1

OSV
added 2018/10/23 8:29 p.m. · 3 views

CVE-2018-14820

Advantech WebAccess 8.3.1 and earlier has a .dll component that is susceptible to external control of file name or path vulnerability, which may allow an arbitrary file deletion when processing...

CVSS 7.5 · AI score 5.9 · EPSS 0.00907
Exploits: 0 · References: 3

OSV
added 2018/10/17 2:29 p.m. · 1 views

CVE-2018-10824

An issue was discovered on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices. The administrative password is stored in plaintext in the /tmp/csman/0...

CVSS 9.8 · AI score 5.8 · EPSS 0.42902
Exploits: 7 · References: 2

CNVD
added 2018/10/17 12:0 a.m. · 3 views

D-Link Router Password Plaintext Storage Vulnerability

The DWR-116, DIR-140, and DIR-640 are all D-Link router products. A password plaintext storage vulnerability exists in several series of D-Link routers, which stems from the administrative password being stored in plaintext in the /tmp/XXX /0 file. An attacker with directory traversal or LFI can...

CVSS 9.8 · AI score 7.8 · EPSS 0.42902
Exploits: 7 · References: 1

Veracode
added 2018/10/02 7:40 a.m. · 19 views

Arbitrary File Write

zziplib is vulnerable to arbitrary file writes. The library does not properly sanitize file paths, allowing a malicious user to overwrite arbitrary files on the system by passing a zip file with .. in it...

CVSS 5.5 · AI score 5.5 · EPSS 0.00433
Exploits: 1 · References: 1 · Affected Software: 1

OSV
added 2018/09/19 3:29 p.m. · 2 views

CVE-2018-1150

NUUO's NVRMini2 3.8.0 and below contains a backdoor that would allow an unauthenticated remote attacker to take over user accounts if the file /tmp/moses exists...

CVSS 7.3 · AI score 5.8
Exploits: 0 · References: 3

Veracode
added 2018/09/19 8:22 a.m. · 15 views

Directory Traversal

camel-mail is vulnerable to a directory traversal attack. The library does not properly sanitize the file path, allowing a malicious user to gain access to the files on the system...

CVSS 5.3 · AI score 5.9 · EPSS 0.02474
Exploits: 0 · References: 6 · Affected Software: 1

CNVD
added 2018/09/18 12:0 a.m. · 1 views

Cagintranet GetSimple CMS Cross-Site Request Forgery Vulnerability

Cagintranet GetSimple CMS is an XML-based content management system (CMS) from Cagintranet Networks, USA. The system includes a theme selector and editor, component editor, image and file managers, and more. A cross-site request forgery vulnerability exists in Cagintranet GetSimple CMS version...

CVSS 8.8 · AI score 8.9 · EPSS 0.00134
Exploits: 1 · References: 1

RedHat Linux
added 2018/09/12 11:1 a.m. · 3 views

Mozilla: Proxy bypass using automount and autofs

Firefox proxy settings can be bypassed by using the automount feature with autofs to create a mount point on the local file system. Content can be loaded from this mounted file system directly using a file: URI, bypassing configured proxy settings. This issue only affects OS X in default...

CVSS 6.5 · AI score 7.3 · EPSS 0.07687
Exploits: 4 · References: 5

Veracode
added 2018/09/12 2:59 a.m. · 33 views

Directory Traversal

webtales/rubedo is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of sanitization of the file path in the theme component, allowing directory traversal attacks...

CVSS 9.8 · AI score 9.1 · EPSS 0.91196
Exploits: 5 · References: 2 · Affected Software: 1

OSV
added 2018/09/11 1:29 p.m. · 1 views

UBUNTU-CVE-2018-16831

Smarty before 3.1.33-dev-4 allows attackers to bypass the trusted_dir protection mechanism via a file:./../ substring in an include statement...

CVSS 5.9 · AI score 6.6 · EPSS 0.00359
Exploits: 1 · References: 4

UbuntuCve
added 2018/09/04 1:29 p.m. · 27 views

CVE-2018-10904

It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats" translator. An attacker can use this flaw to create files and execute arbitrary code. To exploit this, an attacker would require sufficient...

CVSS 8.8 · AI score 7 · EPSS 0.01214
Exploits: 0 · References: 6

RedhatCVE
added 2018/09/04 5:51 a.m. · 28 views

CVE-2018-10904

It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats" translator. An attacker can use this flaw to create files and execute arbitrary code. To exploit this, the attacker would require...

CVSS 8.8 · AI score 2.7 · EPSS 0.01214
Exploits: 0 · References: 2

CNVD
added 2018/08/25 12:0 a.m. · 3 views

niubicmsv arbitrary file download vulnerability in background database restore

niubicms is an open-source PHP system for novel and news websites, independently developed by Nanjing Niukun Network Technology Co., Ltd. An arbitrary file download vulnerability exists in the niubicmsv background database restore function. The vulnerabili...

AI score 7
Exploits: 0

OpenVAS
added 2018/08/16 12:0 a.m. · 49 views

Microsoft Windows Firewall: Domain: Logging: Name

This setting specifies the path and name of the file in which Windows Firewall will write its log information. Copyright (C) 2018 Greenbone Networks GmbH. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can redistribute it and/or modify it under the terms of the GNU...

AI score 7.3
Exploits: 0 · References: 6

VulnCheck KEV
added 2018/08/14 12:0 a.m. · 0 views

VulnCheck KEV: CVE-2018-8414

A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths...

CVSS 9.3 · AI score 8 · EPSS 0.892
Exploits: 0 · References: 1

OSV
added 2018/08/10 3:29 p.m. · 1 views

CVE-2018-15186

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF via client/auditor/updprofile.php...

CVSS 8.8 · AI score 5.8 · EPSS 0.00138
Exploits: 1 · References: 1