779 matches found
Path traversal
connector.minimal.php in std42 elFinder through 2.1.60 is affected by path traversal. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths...
Command injection
iTunesRPC-Remastered is a Discord Rich Presence for iTunes on Windows utility. In affected versions iTunesRPC-Remastered did not properly sanitize image file paths leading to OS level command injection. This issue has been patched in commit cdcd48b. Users are advised to upgrade...
Mageia: Security Advisory (MGASA-2018-0059)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Lexmark path traversal vulnerability
Lexmark is a family of printers in the U.S. A path traversal vulnerability exists in Lexmark devices, which stems from the product's failure to properly filter special elements in resource or file paths. An attacker could access the PJL directory through this vulnerability and could override...
ChronoEngine ChronoForms Path Traversal Vulnerability
ChronoEngine ChronoForms is ChronoEngine company an easy to use and flexible Joomla form builder . A path traversal vulnerability exists in ChronoEngine ChronoForms that stems from the product failing to properly filter for special elements in the path of a resource or file. An attacker could use...
Ws Scrcpy 安全漏洞
Ws Scrcpy is a web client for Genymobile/Scrcpy and others. A security vulnerability exists in Ws Scrcpy that stems from the fact that ws-scrcpy is susceptible to external control of file names or paths...
WordPress Plugin Path Traversal Vulnerability (CNVD-2021-101672)
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. True Ranker plugin is a WordPress open source application plugin. WordPress True Ranker plugin has a path traversal...
The vulnerability of Cisco Firepower Threat Defense’s microprogramming software relates to improper external control of file names or file paths, allowing attackers to escalate their privileges.
The vulnerability of Cisco Firepower Threat Defense’s microprogramming software is related to improper external manipulation of the file name or file path. Exploiting this vulnerability can allow attackers to enhance their privileges by executing commands through the command line interface...
CVE-2021-43775 Arbitrary file reading vulnerability in Aim
Aim is an open-source, self-hosted machine learning experiment tracking tool. Versions of Aim prior to 3.1.0 are vulnerable to a path traversal attack. By manipulating variables that reference files with “dot-dot-slash ../” sequences and its variations or by using absolute file paths, it may be...
Unrestricted access to predictable file paths in hov/jobfair
An issue was discovered in the jobfair aka Job Fair extension before 1.0.13 and 2.x before 2.0.2 for TYPO3. The extension fails to protect or obfuscate filenames of uploaded files. This allows unauthenticated users to download files with sensitive data by simply guessing the filename of uploaded...
CVE-2021-21686
File path filters in the agent-to-controller security subsystem of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier do not canonicalize paths, allowing operations to follow symbolic links to outside allowed directories...
CVE-2021-21686
A link following vulnerability was found in Jenkins. The file path filters do not canonicalize paths allowing operations to follow symbolic links to directories they are not supposed to have access to. This may allow an attacker to read and write arbitrary files on the Jenkins controller file...
CVE-2021-36991
There is an Unauthorized file access vulnerability in Huawei Smartphone due to unstandardized path input.Successful exploitation of this vulnerability by creating malicious file paths can cause unauthorized file access...
CVE-2021-36991
There is an Unauthorized file access vulnerability in Huawei Smartphone due to unstandardized path input.Successful exploitation of this vulnerability by creating malicious file paths can cause unauthorized file access...
Gurock Testrail 7.2.0.3014 - (files.md5) Improper Access Control Vulnerability
Exploit Title: Gurock Testrail 7.2.0.3014 - 'files.md5' Improper Access Control Exploit Author: Sick Codes & JohnJHacking Sakura Samuraii Vendor Homepage: https://www.gurock.com/testrail/ Version: 7.2.0.3014 and below Tested on: macOS, Linux, Windows CVE : CVE-2021-40875 Reference:...
Gurock Testrail 7.2.0.3014 - 'files.md5' Improper Access Control
Exploit Title: Gurock Testrail 7.2.0.3014 - 'files.md5' Improper Access Control Date: 22/09/2022 Exploit Author: Sick Codes & JohnJHacking Sakura Samuraii Vendor Homepage: https://www.gurock.com/testrail/ Version: 7.2.0.3014 and below Tested on: macOS, Linux, Windows CVE : CVE-2021-40875 Referenc...
Improper access control
Improper Access Control in Gurock TestRail versions 7.2.0.3014 resulted in sensitive information exposure. A threat actor can access the /files.md5 file on the client side of a Gurock TestRail application, disclosing a full list of application files and the corresponding file paths. The...
PT-2021-22998 · Gurock · Gurock Testrail
Name of the Vulnerable Software and Affected Versions: Gurock TestRail versions prior to 7.2.0.3014 Description: The issue is related to improper access control, resulting in sensitive information exposure. A threat actor can access the "/files.md5" file on the client side of a Gurock TestRail...
IBM Sterling File Gateway 信息泄露漏洞
IBM Sterling File Gateway is a suite of file transfer software from IBM Corporation. The software integrates different file transfer activity centers and helps file-based data to be securely exchanged over the Internet.An information disclosure vulnerability exists in IBM Sterling File Gateway,...
Amazon Linux AMI : curl (ALAS-2021-1525)
The version of curl installed on the remote host is prior to 7.61.1-12.99. It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1525 advisory. A flaw was found in libcurl in the way libcurl handles previously used connections without accounting for 'issuer cert' and...