Lucene search
+L

235 matches found

Nextcloud
Nextcloud
added 2021/01/25 12:0 a.m.37 views

Reflected XSS when renaming malicious file (NC-SA-2021-005)

Missing sanitization in Nextcloud Server 20.0.5 and prior allowed to perform a reflected XSS when saving html as file name and causing an error on rename e.g. by renaming to an existing file. The risk is mostly mitigated due to the strict Content-Security-Policy CSP of Nextcloud, and thus mainly...

3.5CVSS1.1AI score0.01059EPSS
Exploits1Affected Software1
CVE
CVE
added 2020/12/31 4:33 p.m.68 views

CVE-2018-19945

CVE-2018-19945 affects older QNAP QTS devices (versions 4.3.4–4.3.6). The root cause is an improper limitation of a pathname to a restricted directory, enabling an attacker to rename arbitrary files on the target system when exploited. QNAP has fixed the issue in QTS 4.3.6.0895 (build 20190328) a...

9.1CVSS9.3AI score0.0111EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2020/09/30 12:15 p.m.6 views

CVE-2020-15731

An improper Input Validation vulnerability in the code handling file renaming and recovery in Bitdefender Engines allows an attacker to write an arbitrary file in a location hardcoded in a specially-crafted malicious file name. This issue affects: Bitdefender Engines versions prior to 7.85448...

3.6CVSS5.9AI score0.00534EPSS
Exploits0References1
Prion
Prion
added 2020/09/30 12:15 p.m.8 views

Input validation

An improper Input Validation vulnerability in the code handling file renaming and recovery in Bitdefender Engines allows an attacker to write an arbitrary file in a location hardcoded in a specially-crafted malicious file name. This issue affects: Bitdefender Engines versions prior to 7.85448...

4.3CVSS4.5AI score0.00534EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/09/30 11:55 a.m.46 views

CVE-2020-15731

CVE-2020-15731 affects Bitdefender Engines; the issue arises from improper input validation in the file renaming/recovery code, enabling a crafted file name to cause arbitrary file writes to a hardcoded location. Described as a local privilege escalation (per CVE listing) affecting versions prior...

4.3CVSS4.2AI score0.00534EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2020/09/28 8:21 a.m.2 views

OPENSUSE-SU-2020:1560-1 Security update for bcm43xx-firmware

This update for bcm43xx-firmware fixes the following issues: - Update bluetooth firmware to address Sweyntooth and Spectra issues bsc1176631: - brcmfmac driver loads file depending on compatible. Rename files correspondingly. bsc1169094 This update was imported from the SUSE:SLE-15-SP2:Update...

7.2AI score
Exploits0References3
Veracode
Veracode
added 2020/09/21 6:28 a.m.36 views

Denial Of Service (DoS)

qemu is vulnerable to denial of service DoS. The vulnerability exists through a race condition during file renaming, through v9fswstat in hw/9pfs/9p.c...

4.7CVSS2.4AI score0.00403EPSS
Exploits0References14Affected Software2
Veracode
Veracode
added 2020/09/03 4:59 a.m.8 views

Cross-site Scripting (XSS)

dolibarr/dolibarr is vulnerable to cross-site scripting XSS. The vulnerability exists as a filename with .noexe extension can be used to bypass a script injection protection mechanism when it is being renamed...

1.6AI score
Exploits0
OSV
OSV
added 2020/05/20 3:15 p.m.6 views

UBUNTU-CVE-2020-13240

The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup documents directories' permission to rename uploaded files to have insecure file extensions. This bypasses the .noexe protection mechanism against XSS...

5.4CVSS6.1AI score0.00701EPSS
Exploits1References3
Prion
Prion
added 2020/05/20 3:15 p.m.19 views

Design/Logic Flaw

The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup documents directories' permission to rename uploaded files to have insecure file extensions. This bypasses the .noexe protection mechanism against XSS...

5.5CVSS5.3AI score0.00701EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2020/04/20 12:0 a.m.1 views

File Renaming Vulnerability in YidaCMS Website Management System Backend

YidaCMS website management system is a simple, practical and efficient website builder. A file renaming vulnerability exists in the background of YidaCMS website management system, which can be exploited by an attacker to gain control of the web server...

7.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2020/03/29 1:56 p.m.33 views

CVE-2018-19489

v9fswstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service crash because of a race condition during file renaming...

4.7CVSS3.5AI score0.00403EPSS
Exploits0References2
Prion
Prion
added 2020/03/25 10:15 p.m.20 views

Code injection

Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename...

7.5CVSS9.7AI score0.02793EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2020/03/16 3:15 p.m.25 views

CVE-2019-19210

Dolibarr ERP/CRM before 10.0.3 allows XSS because uploaded HTML documents are served as text/html despite being renamed to .noexe files...

5.4CVSS5.2AI score0.00928EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2020/03/13 12:0 a.m.49 views

Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2020-1266)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.01075EPSS
Exploits0References2
NVD
NVD
added 2020/03/12 2:15 p.m.35 views

CVE-2020-10457

Path Traversal in admin/imagepaster/image-renaming.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to rename any file on the webserver using a dot-dot-slash sequence ../ via the POST parameter imgName for the new name and imgUrl for the current file to be renamed...

4CVSS3.8AI score0.01084EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/03/12 1:5 p.m.25 views

CVE-2020-10457

Path Traversal in admin/imagepaster/image-renaming.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to rename any file on the webserver using a dot-dot-slash sequence ../ via the POST parameter imgName for the new name and imgUrl for the current file to be renamed...

3.8AI score0.01084EPSS
Exploits1References2
CVE
CVE
added 2020/03/12 1:5 p.m.54 views

CVE-2020-10457

Path Traversal in Chadha PHPKB Standard Multi-Language 9 (admin/imagepaster/image-renaming.php) allows attackers to rename any file on the webserver via POST imgName and imgUrl using ../../../’ style sequences. Affected component: image-renaming functionality; root cause: improper validation of p...

4CVSS4AI score0.01084EPSS
Exploits1References2Affected Software1
Hacker One
Hacker One
added 2019/09/19 4:29 p.m.48 views

Nextcloud: Only the file extensions are checked, not the MIME types as configured

The tool is not working as hoped. File access control speaks of MIME types that are blocked or not blocked. In fact, only the file extensions are checked. If a user renames an unauthorized file to an allowed file, he can upload and download it. The MIME type of the current file is insignificant,...

6CVSS0.7AI score0.0113EPSS
Exploits0
NVD
NVD
added 2019/07/18 5:15 p.m.16 views

CVE-2019-11230

In Avast Antivirus before 19.4, a local administrator can trick the product into renaming arbitrary files by replacing the Logs\Update.log file with a symlink. The next time the product attempts to write to the log file, the target of the symlink is renamed. This defect can be exploited to rename...

4.4CVSS4.8AI score0.00543EPSS
Exploits1References2
Rows per page
Query Builder