
7185 matches found

OSV
added 2021/11/17 2:15 p.m. · 1 view

CVE-2021-38959

IBM SPSS Statistics for Windows 24.0, 25.0, 26.0, 27.0, 27.0.1, and 28.0 could allow a local user to cause a denial of service by writing arbitrary files to admin protected directories on the system. IBM X-Force ID: 212046...

CVSS 5.5 · AI score 6.5 · EPSS 0.00217
Exploits: 0 · References: 2

BDU FSTEC
added 2021/11/16 12:00 a.m. · 2 views

The vulnerability of the “BKBCopyD.exe” service in Yokogawa’s software products allows a hacker to read arbitrary files using the RETR operation, write to arbitrary files using the STOR operation, or obtain confidential database location information using the PMODE operation.

The vulnerability of the “BKBCopyD.exe” service in Yokogawa’s software products is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to read arbitrary files using the RETR operation, write to arbitrary files using the STOR operation, or obtain...

CVSS 7.5 · AI score 5.6 · EPSS 0.2312
Exploits: 3 · References: 3

OSV
added 2021/11/12 2:15 a.m. · 3 views

CVE-2021-42775

Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a vulnerability in the remote firmware download feature that could allow a user to place or replace an arbitrary file on the remote host. In...

CVSS 9.1 · AI score 5.9
Exploits: 0 · References: 2

CNVD
added 2021/11/12 12:00 a.m. · 12 views

Zoho ManageEngine ADAudit Plus Arbitrary File Write Vulnerability

Zoho ManageEngine ADAudit Plus is a web-based Active Directory change auditing and reporting solution. An arbitrary file write vulnerability exists in Zoho ManageEngine ADAudit Plus versions prior to 7006, which can be exploited by an attacker to write and execute arbitrary files on the system...

CVSS 9.8 · AI score 7.1 · EPSS 0.70325
Exploits: 3 · References: 1

OSV
added 2021/11/11 5:15 a.m. · 2 views

CVE-2021-42847

Zoho ManageEngine ADAudit Plus before 7006 allows attackers to write to, and execute, arbitrary files...

CVSS 9.8 · AI score 5.9
Exploits: 0 · References: 2

NVD
added 2021/11/11 5:15 a.m. · 22 views

CVE-2021-42847

Zoho ManageEngine ADAudit Plus before 7006 allows attackers to write to, and execute, arbitrary files...

CVSS 9.8 · EPSS 0.70325
Exploits: 3 · References: 2

Cvelist
added 2021/11/11 12:00 a.m. · 20 views

CVE-2021-42847

Zoho ManageEngine ADAudit Plus before 7006 allows attackers to write to, and execute, arbitrary files...

AI score 9.7 · EPSS 0.70325
Exploits: 3 · References: 2

CNNVD
added 2021/11/11 12:00 a.m. · 3 views

ZOHO ManageEngine ADAudit Plus Security Vulnerability

Zoho ManageEngine ADAudit Plus is a web-based Active Directory change auditing and reporting solution. An arbitrary file write vulnerability exists in Zoho ManageEngine ADAudit Plus versions prior to 7006, which can be exploited by an attacker to write and execute arbitrary files on the system...

CVSS 9.8 · AI score 6 · EPSS 0.70325
Exploits: 3 · References: 4

CVE
added 2021/11/11 12:00 a.m. · 79 views

CVE-2021-42847

Product affected: ManageEngine ADAudit Plus, versions before 7006. Vulnerability: Arbitrary file write that enables authenticated users to write and execute files via the alert_script mechanism, enabling remote code execution (RCE) under the account running ADAudit Plus. Root cause / vector: Expl...

CVSS 9.8 · AI score 9.4 · EPSS 0.70325
Exploits: 3 · References: 2 · Affected Software: 1

Positive Technologies
added 2021/11/11 12:00 a.m. · 3 views

PT-2021-23695 · Zoho · Zoho Manageengine Adaudit Plus

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ADAudit Plus versions prior to 7006 Description: The issue allows attackers to write to and execute arbitrary files, potentially leading to unauthorized access and malicious activities. Recommendations: For versions prior to...

CVSS 9.8 · AI score 9.6 · EPSS 0.70325
Exploits: 3 · References: 5

CNNVD
added 2021/11/04 12:00 a.m. · 2 views

Jenkins Security Vulnerability

Jenkins is an open source application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying and automating any project. Jenkins has a security vulnerability that stems from multiple vulnerabilities in the file path filtering implementation o...

CVSS 9.8 · AI score 8.3 · EPSS 0.02451
Exploits: 0 · References: 18

CNVD
added 2021/11/03 12:00 a.m. · 9 views

phpok Arbitrary File Write Vulnerability

phpok is an enterprise website system developed by Shenzhen's technology limited company using PHP and MySQL. An arbitrary file write vulnerability exists in the editsavef function in framework/admin/tplcontrol.php in phpok version 5.1. An attacker can exploit this vulnerability to wri...

CVSS 9.1 · AI score 6.9 · EPSS 0.00975
Exploits: 1 · References: 1

CISA KEV Catalog
added 2021/11/03 12:00 a.m. · 23 views

Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability

Ivanti Pulse Connect Secure contains an unrestricted file upload vulnerability that allows an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface...

CVSS 7.2 · AI score 7.9 · EPSS 0.14146
In wild · Exploits: 0

Tenable Nessus
added 2021/11/03 12:00 a.m. · 23 views

Cisco Firepower Threat Defense Software CLI Arbitrary File Write (cisco-sa-ftd-file-write-SHVcmQVc)

According to its self-reported version, Cisco FTD Software is affected by a vulnerability due to incomplete validation of user input for a specific CLI command. An authenticated, local attacker can exploit this, by authenticating to the device with administrative privileges, in order to overwrite...

CVSS 6.6 · AI score 6.3 · EPSS 0.00207
Exploits: 0 · References: 4

OSV
added 2021/11/02 6:15 p.m. · 2 views

CVE-2020-18439

An issue was discovered in function editsavef in framework/admin/tplcontrol.php in qinggan phpok 5.1 that allows attackers to write arbitrary files or get a shell...

CVSS 9.1 · AI score 5.9 · EPSS 0.00975
Exploits: 1 · References: 1

Cvelist
added 2021/11/02 5:44 p.m. · 11 views

CVE-2020-18439

An issue was discovered in function editsavef in framework/admin/tplcontrol.php in qinggan phpok 5.1 that allows attackers to write arbitrary files or get a shell...

AI score 9.2 · EPSS 0.00975
Exploits: 1 · References: 1

CNNVD
added 2021/11/02 12:00 a.m. · 3 views

qinggan phpok Code Issue Vulnerability

phpok is an enterprise website system developed by Shenzhen's technology limited company using PHP and MySQL. An arbitrary file write vulnerability exists in the editsavef function in framework/admin/tplcontrol.php in phpok version 5.1. An attacker can exploit this vulnerability to wri...

CVSS 9.1 · AI score 5.8 · EPSS 0.00975
Exploits: 1 · References: 1

OSV
added 2021/11/01 12:15 p.m. · 2 views

CVE-2021-25877

AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write. An administrator privileged user is able to write files on filesystem using flag and code variables in file save.php...

CVSS 7.2 · AI score 5.8 · EPSS 0.03098
Exploits: 1 · References: 3

NVD
added 2021/11/01 12:15 p.m. · 17 views

CVE-2021-25877

AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write. An administrator privileged user is able to write files on filesystem using flag and code variables in file save.php...

CVSS 9 · EPSS 0.03098
Exploits: 1 · References: 3

Prion
added 2021/11/01 12:15 p.m. · 21 views

Code injection

AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write. An administrator privileged user is able to write files on filesystem using flag and code variables in file save.php...

CVSS 9 · AI score 6.9 · EPSS 0.03098
Exploits: 1 · References: 3 · Affected Software: 1