
3348 matches found

Prion
added 2018/07/20 10:29 p.m. | 20 views

Path traversal

A path traversal exists in markdown-pdf version 9.0.0 that allows a user to insert a malicious html code that can result in reading the local files...

CVSS: 2.1 | AI score: 5.4 | EPSS: 0.00501
Exploits: 1 | References: 1 | Affected Software: 1

CVE
added 2018/07/20 10:00 p.m. | 62 views

CVE-2018-3770

markdown-pdf versions prior to 9.0.0 are vulnerable to path traversal and potential remote code execution due to insufficient sanitization of HTML in Markdown files. Concrete details across multiple connected documents show that injecting malicious HTML can lead to reading local files and, in som...

CVSS: 5.5 | AI score: 5.3 | EPSS: 0.00501
Exploits: 1 | References: 1 | Affected Software: 1

Kaspersky
added 2018/07/17 12:00 a.m. | 72 views

KLA11295 Multiple vulnerabilities in Oracle Virtual Box

Multiple serious vulnerabilities were found in Virtual Box. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions and read local files. Below is a complete list of vulnerabilities: 1. Vulnerability in the Oracle VM VirtualBox component of Oracl...

CVSS: 8.6 | AI score: 7.3 | EPSS: 0.00584
Exploits: 1 | References: 3

ClickHouse
added 2018/07/06 12:00 a.m. | 35 views

Fixed in ClickHouse Release 1.1.54390, 2018-07-06 

ClickHouse MySQL client had “LOAD DATA LOCAL INFILE” functionality enabled that allowed a malicious MySQL database to read arbitrary files from the connected ClickHouse server...

CVSS: 5 | AI score: 2.9 | EPSS: 0.01711
Exploits: 0 | Affected Software: 1

Debian CVE
added 2018/07/05 2:00 p.m. | 20 views

CVE-2018-8026

This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion XXE in Solr config files currency.xml, enumsConfig.xml referred from schema.xml, TIKA parsecontext config file. In addition, Xinclude functionality provided in these config files is als...

CVSS: 5.5 | AI score: 5.4 | EPSS: 0.09025
Exploits: 1

Cvelist
added 2018/07/03 9:00 p.m. | 27 views

CVE-2017-0913

Ubiquiti UCRM versions 2.3.0 to 2.7.7 allow an authenticated user to read arbitrary files in the local file system. Note that by default, the local file system is isolated in a docker container. Successful exploitation requires valid credentials to an account with "Edit" access to "System...

AI score: 4.6 | EPSS: 0.00296
Exploits: 0 | References: 2

Prion
added 2018/06/29 12:29 p.m. | 21 views

Improper access control

Incorrect Access Control in FailOverHelperServlet in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows attackers to read certain...

CVSS: 5 | AI score: 7.4 | EPSS: 0.06706
Exploits: 4 | References: 4

Atlassian
added 2018/06/28 12:36 a.m. | 559 views

Path traversal Vulnerability in the review attachment resource - CVE-2017-16859

The review attachment resource in Atlassian Fisheye and Crucible before version 4.3.2, from version 4.4.0 before 4.4.3 and before version 4.5.0 allows remote attackers to read files contained within context path of the running application through a path traversal vulnerability in the command...

CVSS: 6.5 | AI score: 5.1 | EPSS: 0.02525
Exploits: 0 | Affected Software: 1

Prion
added 2018/06/26 4:29 p.m. | 9 views

Design/Logic Flaw

lms version = LMS011123 contains a Local File Disclosure vulnerability in File reading functionality in LMS module that can result in Possible to read files on the server. This attack appear to be exploitable via GET parameter. This vulnerability appears to have been fixed in after commit 254765e...

CVSS: 5 | AI score: 7.5 | EPSS: 0.01756
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2018/06/26 4:00 p.m. | 21 views

CVE-2018-1000535

lms version = LMS011123 contains a Local File Disclosure vulnerability in File reading functionality in LMS module that can result in Possible to read files on the server. This attack appear to be exploitable via GET parameter. This vulnerability appears to have been fixed in after commit 254765e...

AI score: 7.5 | EPSS: 0.01756
Exploits: 1 | References: 2

CVE
added 2018/06/26 4:00 p.m. | 41 views

CVE-2018-1000535

CVE-2018-1000535 concerns LMS, where versions up to and including LMS_011123 expose a Local File Disclosure in the LMS module’s file-reading functionality. The vulnerability can allow reading server files and is reported to be exploitable via a GET parameter. The issue’s impact is described as pa...

CVSS: 7.5 | AI score: 7.4 | EPSS: 0.01756
Exploits: 1 | References: 2 | Affected Software: 1

seebug.org
added 2018/06/22 12:00 a.m. | 106 views

OurPHP 1.8 back-end arbitrary file read vulnerability

...

AI score: 0.8
Exploits: 0

IBM Security Bulletins
added 2018/06/17 3:43 p.m. | 23 views

Security Bulletin: IBM Tivoli Common Reporting (TCR) 2017Q2 Security Updater: TCR, a part of IBM Jazz for Service Management (JazzSM) is affected by multiple vulnerabilities

Summary Fixes of Cognos Business Intelligence are provided as part of TCR fixes This bulletin addresses several security vulnerabilities. There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 and the IBM® Runtime Environment Java™ Technology Edition,...

CVSS: 9.6 | AI score: 1.2 | EPSS: 0.95707
Exploits: 18 | Affected Software: 1

OSV
added 2018/06/07 2:29 a.m. | 4 views

CVE-2018-3725

hekto node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.02038
Exploits: 1 | References: 1

CNVD
added 2018/06/06 12:00 a.m. | 3 views

Zoho ManageEngine Applications Manager Access Control Vulnerability

ZOHO ManageEngine Applications Manager is a set of IT operation and maintenance management solutions of the United States ZhuoHao ZOHO company. The product has application performance management, fault management, report generation and SLA management and other functions. An access control...

CVSS: 10 | AI score: 9.2 | EPSS: 0.06417
Exploits: 0 | References: 1

Hacker One
added 2018/06/01 9:15 a.m. | 129 views

Node.js third-party modules: [markdown-pdf] Local file reading

I would like to report local file reading in markdown-pdf. It allows to insert a malicious html code, which allows to read the local files. Module module name: markdown-pdf version: 8.1.1 npm page: https://www.npmjs.com/package/markdown-pdf Module Description Node module that converts Markdown fil...

CVSS: 2.1 | AI score: 5.2 | EPSS: 0.00501
Exploits: 1

NVD
added 2018/05/31 6:29 p.m. | 16 views

CVE-2018-11137

The 'checksum' parameter of the '/common/downloadattachment.php' script in the Quest KACE System Management Appliance 8.0.318 can be abused to read arbitrary files with 'www' privileges via Directory Traversal. No administrator privileges are needed to execute this script...

CVSS: 6.5 | AI score: 6.6 | EPSS: 0.06483
Exploits: 3 | References: 1

Prion
added 2018/05/29 8:29 p.m. | 10 views

Path traversal

stattic node module suffers from a Path Traversal vulnerability due to lack of validation of path, which allows a malicious user to read content of any file with known path...

CVSS: 5 | AI score: 7.3 | EPSS: 0.01918
Exploits: 1 | References: 1 | Affected Software: 1

Hacker One
added 2018/05/03 12:04 a.m. | 48 views

Mail.ru: LFI in beta.mail.ru

Local file read via file:// URI in report's image in beta.mail.ru. beta.mail.ru is not currently covered by bug bounty program. Reading arbitrary server files due to insufficient validation of attached images...

AI score: 1.3
Exploits: 0

CNVD
added 2018/04/09 12:00 a.m. | 2 views

Multiple vulnerabilities in the UCMS system

UCMS is a simple open source content management system. A file read and code execution vulnerability exists in UCMS version 1.4.5. An attacker can exploit the vulnerability to read arbitrary files, execute arbitrary code, and gain server privileges...

AI score: 7.9
Exploits: 0