
7186 matches found

Positive Technologies
added 2022/09/24 12:0 a.m. · 2 views

PT-2022-37303 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free error, which occurs when the program attempts to access memory that has already been freed. The crash state...

6.9 AI score
Exploits: 0 · References: 2

Tenable Nessus
added 2022/09/24 12:0 a.m. · 36 views

EulerOS Virtualization 2.9.1 : xz (EulerOS-SA-2022-2370)

According to the versions of the xz packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name...

8.8 CVSS · 6.9 AI score · 0.04301 EPSS
Exploits: 0 · References: 2

Tenable Nessus
added 2022/09/23 12:0 a.m. · 17 views

EulerOS Virtualization 2.9.0 : gzip (EulerOS-SA-2022-2382)

According to the versions of the gzip package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file nam...

8.8 CVSS · 6.9 AI score · 0.04301 EPSS
Exploits: 0 · References: 2

Tenable Nessus
added 2022/09/23 12:0 a.m. · 209 views

EulerOS Virtualization 2.9.0 : xz (EulerOS-SA-2022-2406)

According to the versions of the xz packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name...

8.8 CVSS · 6.9 AI score · 0.04301 EPSS
Exploits: 0 · References: 2

Tenable Nessus
added 2022/09/23 12:0 a.m. · 28 views

EulerOS Virtualization 2.9.1 : gzip (EulerOS-SA-2022-2346)

According to the versions of the gzip package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file nam...

8.8 CVSS · 6.9 AI score · 0.04301 EPSS
Exploits: 0 · References: 2

BDU FSTEC
added 2022/09/23 12:0 a.m. · 3 views

A vulnerability in the web interface of the commutable managed distribution power supply PDU (iBoot-PDU), which allows an attacker to write a file to the root web directory.

The vulnerability in the web interface of the commutable managed distribution power unit PDU iBoot-PDU is related to an incorrect limitation of a path name to a restricted directory. Exploiting this vulnerability could allow a malicious actor to write a file to the root web directory...

10 CVSS · 8 AI score · 0.11626 EPSS
Exploits: 0 · References: 4 · Affected Software: 1

OSV
added 2022/09/22 10:15 p.m. · 3 views

CVE-2022-40087

Simple College Website v1.0 was discovered to contain an arbitrary file write vulnerability via the function file_put_contents. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

9.8 CVSS · 6.1 AI score · 0.01323 EPSS
Exploits: 1 · References: 3

NVD
added 2022/09/22 10:15 p.m. · 18 views

CVE-2022-40087

Simple College Website v1.0 was discovered to contain an arbitrary file write vulnerability via the function file_put_contents. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

9.8 CVSS · 0.01323 EPSS
Exploits: 1 · References: 3

Prion
added 2022/09/22 10:15 p.m. · 15 views

Design/Logic Flaw

Simple College Website v1.0 was discovered to contain an arbitrary file write vulnerability via the function file_put_contents. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

7.5 CVSS · 9.7 AI score · 0.01323 EPSS
Exploits: 1 · References: 3 · Affected Software: 1

Vulnrichment
added 2022/09/22 9:29 p.m. · 4 views

CVE-2022-40087

Simple College Website v1.0 was discovered to contain an arbitrary file write vulnerability via the function file_put_contents. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

8.2 AI score · 0.01323 EPSS
Exploits: 1 · References: 3

CVE
added 2022/09/22 9:29 p.m. · 56 views

CVE-2022-40087

CVE-2022-40087 affects Simple College Website v1.0 and describes an arbitrary file write vulnerability in PHP via file_put_contents(), enabling arbitrary code execution through a crafted PHP file. The issue stems from unsafe file write behavior in the application and is documented across multiple...

9.8 CVSS · 9.6 AI score · 0.01323 EPSS
Exploits: 1 · References: 3 · Affected Software: 1

Cvelist
added 2022/09/22 9:29 p.m. · 31 views

CVE-2022-40087

Simple College Website v1.0 was discovered to contain an arbitrary file write vulnerability via the function file_put_contents. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

9.9 AI score · 0.01323 EPSS
Exploits: 1 · References: 3

The Hacker News
added 2022/09/22 9:17 a.m. · 214 views

15-Year-Old Unpatched Python Vulnerability Potentially Affects Over 350,000 Projects

As many as 350,000 open source projects are believed to be potentially vulnerable to exploitation as a result of a security flaw in a Python module that has remained unpatched for 15 years. The open source repositories span a number of industry verticals, such as software development, artificial...

9.8 CVSS · 0.7 AI score · 0.98975 EPSS
Exploits: 15

CNNVD
added 2022/09/22 12:0 a.m. · 2 views

Simple College Website Code Issue Vulnerability

Sourcecodester Simple College Website is an open source content management system from Sourcecodester. A security vulnerability exists in Simple College Website v1.0, which stems from an arbitrary file write vulnerability via the file_put_contents function. The vulnerability allows an...

9.8 CVSS · 8.8 AI score · 0.01323 EPSS
Exploits: 1 · References: 4

Positive Technologies
added 2022/09/22 12:0 a.m. · 2 views

PT-2022-25193 · Unknown · Simple College Website

Name of the Vulnerable Software and Affected Versions: Simple College Website version 1.0 Description: The issue allows attackers to execute arbitrary code via a crafted PHP file, leveraging an arbitrary file write vulnerability. This is achieved through the file put contents function...

9.8 CVSS · 9.6 AI score · 0.01323 EPSS
Exploits: 1 · References: 6

RedHat Linux
added 2022/09/21 2:3 p.m. · 3 views

jenkins-plugin: Arbitrary file write vulnerability in Pipeline Input Step Plugin

A flaw was found in the Pipeline Input Step Plugin. This issue affects the code of the component Archive File Handler. The manipulation of the argument file with a malicious input leads to a directory traversal vulnerability...

7.5 CVSS · 6.2 AI score · 0.01456 EPSS
Exploits: 0 · References: 5

CNNVD
added 2022/09/20 12:0 a.m. · 4 views

Safe Software FME Server Path Traversal Vulnerability

Safe Software FME Server is a web-based data conversion application from Safe Software Canada Inc. It is used to automate data and application integration workflows in a code-free environment. Safe Software FME Server suffers from a path traversal vulnerability that stems from a validation check...

9.1 CVSS · 7.2 AI score · 0.00944 EPSS
Exploits: 0 · References: 4

RedHat Linux
added 2022/09/19 11:53 a.m. · 1 views

rsync: remote arbitrary files write inside the directories of connecting peers

A flaw was found in rsync that is triggered by a victim rsync user/client connecting to a malicious rsync server. The server can copy and overwrite arbitrary files in the client's rsync target directory and subdirectories. This flaw allows a malicious server, or in some cases, another attacker wh...

7.4 CVSS · 7.4 AI score · 0.0165 EPSS
Exploits: 1 · References: 5

Check Point Advisories
added 2022/09/18 12:0 a.m. · 10 views

QNAP NAS Photo Station Arbitrary File Write (CVE-2022-27593)

An arbitrary file write vulnerability exists in QNAP NAS Photo Station. Successful exploitation of this vulnerability could result in code execution on the affected system...

3.1 AI score · 0.87908 EPSS
Exploits: 0

Huntr
added 2022/09/15 11:31 p.m. · 30 views

Remote Code Execution (RCE) via Arbitrary File Write and Path Traversal

Description: Immich constructs the path, filename, and file extension of uploaded files from improperly sanitized user input. Therefore, the upload function is vulnerable to a path traversal attack leading to arbitrary file write. This can lead to RCE by overwriting JavaScript files. Proof of...

0.5 AI score
Exploits: 0 · References: 1