235 matches found
Reflected XSS when renaming malicious file (NC-SA-2021-005)
Missing sanitization in Nextcloud Server 20.0.5 and prior allowed to perform a reflected XSS when saving html as file name and causing an error on rename e.g. by renaming to an existing file. The risk is mostly mitigated due to the strict Content-Security-Policy CSP of Nextcloud, and thus mainly...
CVE-2018-19945
CVE-2018-19945 affects older QNAP QTS devices (versions 4.3.4–4.3.6). The root cause is an improper limitation of a pathname to a restricted directory, enabling an attacker to rename arbitrary files on the target system when exploited. QNAP has fixed the issue in QTS 4.3.6.0895 (build 20190328) a...
CVE-2020-15731
An improper Input Validation vulnerability in the code handling file renaming and recovery in Bitdefender Engines allows an attacker to write an arbitrary file in a location hardcoded in a specially-crafted malicious file name. This issue affects: Bitdefender Engines versions prior to 7.85448...
Input validation
An improper Input Validation vulnerability in the code handling file renaming and recovery in Bitdefender Engines allows an attacker to write an arbitrary file in a location hardcoded in a specially-crafted malicious file name. This issue affects: Bitdefender Engines versions prior to 7.85448...
CVE-2020-15731
CVE-2020-15731 affects Bitdefender Engines; the issue arises from improper input validation in the file renaming/recovery code, enabling a crafted file name to cause arbitrary file writes to a hardcoded location. Described as a local privilege escalation (per CVE listing) affecting versions prior...
OPENSUSE-SU-2020:1560-1 Security update for bcm43xx-firmware
This update for bcm43xx-firmware fixes the following issues: - Update bluetooth firmware to address Sweyntooth and Spectra issues bsc1176631: - brcmfmac driver loads file depending on compatible. Rename files correspondingly. bsc1169094 This update was imported from the SUSE:SLE-15-SP2:Update...
Denial Of Service (DoS)
qemu is vulnerable to denial of service DoS. The vulnerability exists through a race condition during file renaming, through v9fswstat in hw/9pfs/9p.c...
Cross-site Scripting (XSS)
dolibarr/dolibarr is vulnerable to cross-site scripting XSS. The vulnerability exists as a filename with .noexe extension can be used to bypass a script injection protection mechanism when it is being renamed...
UBUNTU-CVE-2020-13240
The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup documents directories' permission to rename uploaded files to have insecure file extensions. This bypasses the .noexe protection mechanism against XSS...
Design/Logic Flaw
The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup documents directories' permission to rename uploaded files to have insecure file extensions. This bypasses the .noexe protection mechanism against XSS...
File Renaming Vulnerability in YidaCMS Website Management System Backend
YidaCMS website management system is a simple, practical and efficient website builder. A file renaming vulnerability exists in the background of YidaCMS website management system, which can be exploited by an attacker to gain control of the web server...
CVE-2018-19489
v9fswstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service crash because of a race condition during file renaming...
Code injection
Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename...
CVE-2019-19210
Dolibarr ERP/CRM before 10.0.3 allows XSS because uploaded HTML documents are served as text/html despite being renamed to .noexe files...
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2020-1266)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-10457
Path Traversal in admin/imagepaster/image-renaming.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to rename any file on the webserver using a dot-dot-slash sequence ../ via the POST parameter imgName for the new name and imgUrl for the current file to be renamed...
CVE-2020-10457
Path Traversal in admin/imagepaster/image-renaming.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to rename any file on the webserver using a dot-dot-slash sequence ../ via the POST parameter imgName for the new name and imgUrl for the current file to be renamed...
CVE-2020-10457
Path Traversal in Chadha PHPKB Standard Multi-Language 9 (admin/imagepaster/image-renaming.php) allows attackers to rename any file on the webserver via POST imgName and imgUrl using ../../../’ style sequences. Affected component: image-renaming functionality; root cause: improper validation of p...
Nextcloud: Only the file extensions are checked, not the MIME types as configured
The tool is not working as hoped. File access control speaks of MIME types that are blocked or not blocked. In fact, only the file extensions are checked. If a user renames an unauthorized file to an allowed file, he can upload and download it. The MIME type of the current file is insignificant,...
CVE-2019-11230
In Avast Antivirus before 19.4, a local administrator can trick the product into renaming arbitrary files by replacing the Logs\Update.log file with a symlink. The next time the product attempts to write to the log file, the target of the symlink is renamed. This defect can be exploited to rename...