CVE-2021-38572

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows writing to arbitrary files because the extractPages pathname is not validated...

CVE-2021-38565

An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows writing to arbitrary files via submitForm...

CVE-2021-38565

An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows writing to arbitrary files via submitForm...

apache-flink: directory traversal attack allows remote file writing through the REST API

Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be written to any location accessible by Flink 1.5.1. All users should upgrade to Flink 1.11.3 or...

Foxit Reader和Foxit PhantomPDF 安全漏洞

Foxit Reader and Foxit PhantomPDF are both PDF document readers from the Chinese company Foxit. A security vulnerability exists in Foxit Reader and PhantomPDF versions prior to 10.1.4, which stems from the application allowing arbitrary files to be written because the extractPages pathname is not...

Foxit Reader和Foxit PhantomPDF 安全漏洞

Foxit Reader and Foxit PhantomPDF are both Chinese Foxit Foxit company a PDF document reader. An arbitrary file write vulnerability exists in Foxit Reader versions prior to 10.1.4 and PhantomPDF versions prior to 10.1.4, which stems from a failure to validate the CombineFiles pathname and can be...

CVE-2020-23171

A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to arbitrary directories via a crafted zip file with dot-slash characters included in the name of the crafted file...

Backdoor.Win32.Zaratustra Remote File Write / Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/f240c16af2189ea9c94f317281ce7e59.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zaratustra Vulnerability: Unauthenticated Remote File Write Remote Code Exec...

Pulse Connect Secure < 9.1R12 (SA44858)

According to its self-reported version, the version of Pulse Connect Secure running on the remote host is prior to 9.1R12. It is, therefore, affected by multiple vulnerabilities, including: - A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perfo...

(Pwn2Own) Microsoft Exchange Server OAB Arbitrary File Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the OAB service. T...

(Pwn2Own) Microsoft Exchange Server Arbitrary File Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of...

Elements-IT HTTP Commander 路径遍历漏洞

Elements-IT HTTP Commander is a server-hosted, web-based file management solution from Elements-IT Germany. It provides basic functionality for working with files creating, copying, deleting, etc. and many other additional features, such as integration with cloud services, online editing of Offic...

CVE-2021-33217

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The Web Application allows Arbitrary Read/Write actions by authenticated users. The API allows an HTTP POST of arbitrary content into any file on the filesystem as root...

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview baserproject/basercms is a Content management system based on CakePHP. Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip. In the admin panel of basercms, an administrator with privileges to perform maintenance operations, has access ...

IBM DB2 11.5 < 11.5.6 FP0 Multiple Vulnerabilities (UNIX)

According to its version, the installation of IBM DB2 running on the remote host is 11.5 prior to 11.5.6 FP0. It is, therefore, affected by multiple vulnerabilities including the following: - IBM DB2 is affected by a flaw which could allow an unauthenticated, local user to to access and change...

Arbitrary File Write

Dovecot is vulnerable to arbitrary file write. It does not correctly escape kid and azp fields in JWT tokens. This may be used to supply attacker controlled keys to validate tokens in some configurations. This requires attacker to be able to write files to local disk...

GHSA-9423-6C93-GPP8 github.com/sassoftware/go-rpmutils Arbitrary File Write via Archive Extraction (Zip Slip)

The CPIO extraction functionality doesn't sanitize the paths of the archived files for leading and non-leading .. which leads in file extraction outside of the current directory. Note, the fixing commit was applied to all affected versions which were re-released...

github.com/sassoftware/go-rpmutils Arbitrary File Write via Archive Extraction (Zip Slip)

The CPIO extraction functionality doesn't sanitize the paths of the archived files for leading and non-leading .. which leads in file extraction outside of the current directory. Note, the fixing commit was applied to all affected versions which were re-released...

SRC-2021-0021 : League flysystem removeFunkyWhiteSpace Time-Of-Check Time-Of-Use File Write Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on affected installations of League flysystem. Authentication may not be required to exploit this vulnerability. The specific flaw exists within the removeFunkyWhiteSpace function. The issue results from a...

CVE-2021-33576

An issue was discovered in Cleo LexiCom 5.5.0.0. Within the AS2 message, the sender can specify a filename. This filename can include path-traversal characters, allowing the file to be written to an arbitrary location on disk...