Lucene search
7263 matches found

CNNVD
added 2026/02/06 12:0 a.m., 5 views

OpenProject OS Command Injection Vulnerability

OpenProject is an open-source web-based project management software. Versions of OpenProject prior to 16.6.7 and 17.0.3 had a vulnerability related to operating system command injection. This vulnerability stemmed from an arbitrary file writing vulnerability present in the repository modification...

CVSS 9.9, AI score 6.3, EPSS 0.00461
Exploits 0, References 4

Positive Technologies
added 2026/02/06 12:0 a.m., 8 views

PT-2026-6757

Name of the Vulnerable Software and Affected Versions: Gogs versions prior to 0.13.4; Gogs versions prior to 0.14.0. Description: Gogs, an open source self-hosted Git service, contains a flaw that allows for arbitrary file read and write operations through path traversal in the Git hook editing...

CVSS 9.9, AI score 5.6, EPSS 0.27661
Exploits 44, References 117

Github Security Blog
added 2026/02/05 9:22 p.m., 16 views

qdrant has arbitrary file write via `/logger` endpoint

Summary: It is possible to append to arbitrary files via /logger endpoint. Minimal privileges are required (read-only access). Tested on Qdrant 1.15.5. Details: POST /logger (Source code link) endpoint accepts an attacker-controlled ondisk.logfile path. There are no authorization checks but authenticati...

CVSS 8.8, AI score 6.2, EPSS 0.0049
Exploits 1, References 5, Affected Software 1

OSV
added 2026/02/05 9:22 p.m., 4 views

GHSA-F632-VM87-2M2F qdrant has arbitrary file write via `/logger` endpoint

Summary: It is possible to append to arbitrary files via /logger endpoint. Minimal privileges are required (read-only access). Tested on Qdrant 1.15.5. Details: POST /logger (Source code link) endpoint accepts an attacker-controlled ondisk.logfile path. There are no authorization checks but authenticati...

CVSS 8.5, AI score 6.2, EPSS 0.0049
Exploits 1, References 5

OSV
added 2026/02/05 9:8 p.m., 4 views

GHSA-9FFM-FXG3-XRHH NiceGUI's Path Traversal via Unsanitized FileUpload.name Enables Arbitrary File Write

Summary: NiceGUI's FileUpload.name property exposes client-supplied filename metadata without sanitization, enabling path traversal when developers use the pattern UPLOADDIR / file.name. Malicious filenames containing ../ sequences allow attackers to write files outside intended directories, with...

CVSS 7.5, AI score 6.6, EPSS 0.03212
Exploits 3, References 6

RedHat Linux
added 2026/02/05 4:3 p.m., 4 views

nodejs: Nodejs file permissions bypass

A flaw in Node.js’s Permissions model allows attackers to bypass --allow-fs-read and --allow-fs-write restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files...

CVSS 9.1, AI score 5.9, EPSS 0.00489
Exploits 2, References 5

OSV
added 2026/02/05 3:20 a.m., 4 views

GO-2026-4407 melange QEMU runner could write files outside workspace directory in chainguard.dev/melange

melange QEMU runner could write files outside workspace directory in chainguard.dev/melange...

CVSS 8.4, AI score 5.3, EPSS 0.00167
Exploits 0, References 3

OSV
added 2026/02/05 3:20 a.m., 7 views

GO-2026-4357 Incus container image templating arbitrary host file read and write in github.com/lxc/incus

Incus container image templating arbitrary host file read and write in github.com/lxc/incus...

CVSS 8.7, AI score 5.5, EPSS 0.00731
Exploits 1, References 6

OSV
added 2026/02/05 12:37 a.m., 4 views

GHSA-88QH-CPHV-996C FUXA Unauthenticated Remote Code Execution via Arbitrary File Write in Upload API

Summary / Description: A path traversal vulnerability in FUXA allows an unauthenticated, remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This affects FUXA through version 1.2.9. This issue has been patched in FUXA version 1.2.10. Impact: This affects all...

CVSS 9.5, AI score 5.8, EPSS 0.02675
Exploits 3, References 5

Github Security Blog
added 2026/02/05 12:37 a.m., 15 views

FUXA Unauthenticated Remote Code Execution via Arbitrary File Write in Upload API

Summary / Description: A path traversal vulnerability in FUXA allows an unauthenticated, remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This affects FUXA through version 1.2.9. This issue has been patched in FUXA version 1.2.10. Impact: This affects all...

CVSS 9.8, AI score 5.7, EPSS 0.02675
Exploits 3, References 5, Affected Software 1

Positive Technologies
added 2026/02/05 12:0 a.m., 7 views

PT-2026-6567

Pinger 1.0 contains a remote code execution vulnerability that allows attackers to inject shell commands through the ping and socket parameters. Attackers can exploit the unsanitized input in ping.php to write arbitrary PHP files and execute system commands by appending shell metacharacters...

CVSS 9.8, AI score 6.7, EPSS 0.03135
Exploits 0, References 4

Positive Technologies
added 2026/02/05 12:0 a.m., 5 views

PT-2026-6517

Incus container image templating arbitrary host file read and write in github.com/lxc/incus...

CVSS 8.7, AI score 5.6, EPSS 0.00731
Exploits 1, References 5

Vulnrichment
added 2026/02/04 9:39 p.m., 3 views

CVE-2026-25539 SiYuan has Arbitrary File Write via /api/file/copyFile leading to RCE

SiYuan is a personal knowledge management system. Prior to version 3.5.5, the /api/file/copyFile endpoint does not validate the dest parameter, allowing authenticated users to write files to arbitrary locations on the filesystem. This can lead to Remote Code Execution (RCE) by writing to sensitive...

CVSS 9.1, AI score 5.6, EPSS 0.01017
Exploits 1, References 2

Cvelist
added 2026/02/04 9:39 p.m., 26 views

CVE-2026-25539 SiYuan has Arbitrary File Write via /api/file/copyFile leading to RCE

SiYuan is a personal knowledge management system. Prior to version 3.5.5, the /api/file/copyFile endpoint does not validate the dest parameter, allowing authenticated users to write files to arbitrary locations on the filesystem. This can lead to Remote Code Execution (RCE) by writing to sensitive...

CVSS 9.1, EPSS 0.01017
Exploits 1, References 2

CVE
added 2026/02/04 9:39 p.m., 28 views

CVE-2026-25539

SiYuan has an Arbitrary File Write vulnerability via /api/file/copyFile. Prior to version 3.5.5, the dest parameter is not validated, allowing an authenticated user to copy a file to arbitrary locations (e.g., cron jobs, SSH authorized_keys, or shell config files) and achieve Remote Code Executio...

CVSS 9.1, AI score 5.6, EPSS 0.01017
Exploits 1, References 2, Affected Software 1

OSV
added 2026/02/04 9:39 p.m., 6 views

CVE-2026-25539 SiYuan has Arbitrary File Write via /api/file/copyFile leading to RCE

SiYuan is a personal knowledge management system. Prior to version 3.5.5, the /api/file/copyFile endpoint does not validate the dest parameter, allowing authenticated users to write files to arbitrary locations on the filesystem. This can lead to Remote Code Execution (RCE) by writing to sensitive...

CVSS 9.1, AI score 5.7, EPSS 0.01017
Exploits 1, References 4

NVD
added 2026/02/04 8:16 p.m., 8 views

CVE-2026-24884

Compressing is a compressing and uncompressing lib for node. In version 2.0.0 and 1.10.3 and prior, Compressing extracts TAR archives while restoring symbolic links without validating their targets. By embedding symlinks that resolve outside the intended extraction directory, an attacker can caus...

CVSS 8.4, EPSS 0.00334
Exploits 1, References 3

OSV
added 2026/02/04 7:39 p.m., 6 views

GHSA-HV53-3329-VMRM n8n Merge Node has Arbitrary File Write leading to RCE

Impact: A vulnerability in the Merge node's SQL Query mode allowed authenticated users with permission to create or modify workflows to write arbitrary files to the n8n server's filesystem, potentially leading to remote code execution. Patches: The issue has been fixed in n8n version 2.4.0, 1.118.0...

CVSS 9.4, AI score 6.2, EPSS 0.00664
Exploits 0, References 3

Github Security Blog
added 2026/02/04 7:39 p.m., 8 views

n8n Merge Node has Arbitrary File Write leading to RCE

Impact: A vulnerability in the Merge node's SQL Query mode allowed authenticated users with permission to create or modify workflows to write arbitrary files to the n8n server's filesystem, potentially leading to remote code execution. Patches: The issue has been fixed in n8n version 2.4.0, 1.118.0...

CVSS 9.4, AI score 6.1, EPSS 0.00664
Exploits 0, References 3, Affected Software 1

Github Security Blog
added 2026/02/04 7:36 p.m., 8 views

n8n Vulnerable to Arbitrary File Write on Remote Systems via SSH Node

Impact: When workflows process uploaded files and transfer them to remote servers via the SSH node without validating their metadata, the vulnerability can lead to files being written to unintended locations on those remote systems, potentially leading to remote code execution on those systems. As a...

CVSS 8.1, AI score 6.5, EPSS 0.01713
Exploits 0, References 5, Affected Software 1