779 matches found
CVE-2024-9341
A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host...
CVE-2024-9142
External Control of File Name or Path, : Incorrect Permission Assignment for Critical Resource vulnerability in Olgu Computer Systems e-Belediye allows Manipulating Web Input to File System Calls. This issue affects e-Belediye: before 2.0.642...
Directory Traversal
contao/core-bundle is vulnerable to Directory Traversal. The vulnerability is due to insufficient validation or restriction of file paths in the FileSelector widget, allowing authenticated users to access directories outside the intended document root...
The vulnerability of Nomad application orchestrators, related to improper external control of the file name or path during data loading, allows attackers to create archives that unpack files according to paths outside the expected distribution directory.
The vulnerability of Nomad application orchestrators is related to incorrect external management of filenames or file paths during data loading. Exploiting this vulnerability allows an attacker to create a archive that unpacks files using paths outside the expected distribution directory...
Outlook Web App (OWA) / Client Access Server (CAS) IIS HTTP Internal IP Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Outlook Web App OWA / Client Access Server CAS IIS HTTP Internal IP Disclosure', 'Description' = %q This module tests vulnerable IIS HTTP header...
Apache Flink JobManager Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Flink JobManager Traversal', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in Apache Flink...
MS14-052 Microsoft Internet Explorer XMLDOM Filename Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MS14-052 Microsoft Internet Explorer XMLDOM Filename Disclosure", 'Description' = %q This module will use the Microsoft XMLDOM object to enumerat...
CVE-2024-6448
The Mollie Payments for WooCommerce plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 7.7.0. This is due to the error reporting being enabled by default in multiple plugin files. This makes it possible for unauthenticated attackers to obtain the full...
Hitachi Energy MicroSCADA X SYS600 参数注入漏洞
Hitachi Energy MicroSCADA X SYS600 is a SCADA product from Hitachi, Japan. It ensures optimal control and reliable operation of your switching station through seamless integration and connectivity between different devices and systems. The Hitachi Energy MicroSCADA X SYS600 suffers from a paramet...
Arbitrary File Leakage
Mage AI is vulnerable to Arbitrary File Leakage. The vulnerability is due to improper validation and handling of file paths in the "File Content" request, which allows unauthorized users to access files outside of their intended scope...
Path Traversal
Mage AI is vulnerable to Path Traversal. The vulnerability is due to improper handling of file paths in the "Pipeline Interaction" request, which allows an attacker to leak arbitrary files from the Mage server...
Path Traversal
Filament Excel is vulnerable to Path Traversal. The vulnerability is due to improper validation of file paths in the export download route '/filament-excel/path', allowing the use of ../ to navigate directories and access unauthorized files...
CVE-2024-5330
The Breakdance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the breakdancecssfilepathscache parameter in all versions up to, and including, 1.7.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
httpd: Improper escaping of output in mod_rewrite
A flaw was found in the modrewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure...
Improper Verification Of Cryptographic Signature
electron-updater is vulnerable to Improper Verification of Cryptographic Signature. The vulnerability is caused due to improper handling and comparison of file paths, allowing an attacker to bypass signature verification by exploiting environment variable expansion and tricking the application in...
lollms vulnerable to dot-dot-slash path traversal in XTTS server
A path traversal vulnerability exists in the XTTS server of the parisneo/lollms package version v9.6. This vulnerability allows an attacker to write audio files to arbitrary locations on the system and enumerate file paths. The issue arises from improper validation of user-provided file paths in...
CVE-2024-6139
A path traversal vulnerability exists in the XTTS server of the parisneo/lollms package version v9.6. This vulnerability allows an attacker to write audio files to arbitrary locations on the system and enumerate file paths. The issue arises from improper validation of user-provided file paths in...
CVE-2024-6139 Path Traversal in parisneo/lollms
A path traversal vulnerability exists in the XTTS server of the parisneo/lollms package version v9.6. This vulnerability allows an attacker to write audio files to arbitrary locations on the system and enumerate file paths. The issue arises from improper validation of user-provided file paths in...
CVE-2024-6139
CVE-2024-6139 affects the XTTS server in parisneo/lollms v9.6. The issue stems from improper validation of user-provided file paths in the tts_to_file endpoint, enabling path traversal that allows writing audio files to arbitrary locations and enumerating file paths. The CVSSv3 base score is 7.3 ...
CVE-2024-6139 Path Traversal in parisneo/lollms
A path traversal vulnerability exists in the XTTS server of the parisneo/lollms package version v9.6. This vulnerability allows an attacker to write audio files to arbitrary locations on the system and enumerate file paths. The issue arises from improper validation of user-provided file paths in...