779 matches found
Improper Path Sanitisation
cloudfoundry/archiver is vulnerable to improper path sanitization. The vulnerability is due to not sanitizing relative file paths while processing archive entries. This can result in an attacker writing/overwritting files outside of the target directory leading to denial of service or loss of...
Jupiter X Core <= 2.5.0 - Unauthenticated Arbitrary File Download
Description The plugin does not have authorisation checks and does not validate file paths in the handlefiledownload function, allowing unauthenticated users to download arbitrary files from the server when the premium version of the plugin is activated...
WordPress Otter - Gutenberg Blocks Plugin < 2.2.6 PHAR Deserialization Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:themeisle:otter"; if description...
Arbitrary File Write
Jenkins Pipeline Utility Steps Plugin is vulnerable to Arbitrary File Write. The vulnerability exists due to not validating file paths of files contained within archives which allows an attacker to provide crafted archives as parameters to create or replace arbitrary files on the file system...
Jenkins Code Dx Plugin 路径遍历漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
Jenkins Plugin Sidebar Link 路径遍历漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
Access Control Bypass
drupal/core is vulnerable to Access Control Bypass. The vulnerability is due to the download facility failing to sufficiently sanitize file paths, resulting in private file exposure to users who shouldn't have access...
Otter - Gutenberg Blocks < 2.2.6 - Author+ PHAR Deserialization
The plugin does not sanitize some user-controlled file paths before performing file operations on them. This leads to a PHAR deserialization vulnerability on PHP addFromString'test.png', 'text'; $phar-setStub"\xff\xd8\xff\n"; $phar-setMetadatanew Evil; $phar-stopBuffering; 2. As an Author user,...
CVE-2023-31250
The file download facility doesn't sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they should not have access to. Some sites may require configuration changes following this security release. Review the release notes for your...
Design/Logic Flaw
The file download facility doesn't sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they should not have access to. Some sites may require configuration changes following this security release. Review the release notes for your...
Arbitrary File Write
MindsDB is vulnerable to Arbitrary File Write. The vulnerability exists due to an unsafe extraction process in file.py which does not ensure relative file paths are escaped allowing an attacker to write arbitrary files outside the expected directory...
Online Computer and Laptop Store Path Traversal Vulnerability
Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero's personal developer. A path traversal vulnerability exists in Online Computer and Laptop Store v1.0. The vulnerability stems from the fact that the parameter path in the file /classes/Master.php?f=deleteim...
CVE-2023-1381 WP Meta SEO < 4.5.5 - Author+ PHAR Deserialization
The WP Meta SEO WordPress plugin before 4.5.5 does not validate image file paths before attempting to manipulate the image files, leading to a PHAR deserialization vulnerability. Furthermore, the plugin contains a gadget chain which may be used in certain configurations to achieve remote code...
ELECOM WAB-MAT 代码问题漏洞
ELECOM WAB-MAT is a management tool for enterprise access points from ELECOM. A security vulnerability exists in ELECOM WAB-MAT version 5.0.0.8 and earlier, which originates from the use of unquoted file paths to register its Windows service executable...
AZL-25707 CVE-2023-28617 affecting package emacs for versions less than 28.2-5
org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters...
Path Traversal
github.com/gookit/goutil is vulnerable to Path Traversal Zip Slip. The vulnerability exists because the Unzip function in operate.go does not properly sanitize the relative file paths, allowing an attacker to access files outside the expected directory...
CVE-2023-25579
Nextcloud server is a self hosted home cloud product. In affected versions the OC\Files\Node\Folder::getFullPath function was validating and normalizing the string in the wrong order. The function is used in the newFile and newFolder items, which may allow to creation of paths outside of ones own...
SUSE CVE-2017-5223
An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method applies transformations to an HTML document to make it usable as an email message body. One of the transformations is to convert relative image URLs into attachments using a script-provided base directory. If no base...
SUSE CVE-2020-26954
When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on...
Jenkins Plugin Semantic Versioning 代码问题漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A code issue vulnerabilit...