Cleo LexiCom 路径遍历漏洞

Cleo LexiCom is an integrated platform from Cleo, Inc. Accelerate EDI automation, speed trade partner on-boarding and easily resolve EDI issues. A path traversal vulnerability exists in Cleo LexiCom 5.5.0.0, which originates in an AS2 message where the sender can specify a filename that can conta...

GHSA-P2RP-CMJQ-R7WM Shell command injection in Apache Syncope

In Apache Syncope 2.1.X releases prior to 2.1.7, when the Flowable extension is enabled, an administrator with workflow entitlements can use Shell Service Tasks to perform malicious operations, including but not limited to file read, file write, and code execution...

Shell command injection in Apache Syncope

In Apache Syncope 2.1.X releases prior to 2.1.7, when the Flowable extension is enabled, an administrator with workflow entitlements can use Shell Service Tasks to perform malicious operations, including but not limited to file read, file write, and code execution...

CVE-2021-26473

In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 the http API located at /sgwebserviceo.php action logFilePath allows an attacker to write arbitrary files in the context of the web server process. These files can then be executed remotely by calling the file via the web server...

CVE-2021-26473

In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 the http API located at /sgwebserviceo.php action logFilePath allows an attacker to write arbitrary files in the context of the web server process. These files can then be executed remotely by calling the file via the web server...

GHSA-JXCC-G75X-QGW9 Calipso Arbitrary File Write via Archive Extraction (Zip Slip)

This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality...

Calipso Arbitrary File Write via Archive Extraction (Zip Slip)

This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality...

CVE-2021-26473

An unauthenticated arbitrary file write and remote code execution vulnerability in VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1. The HTTP API at /sgwebservice_o.php?action=logFilePath allows writing arbitrary files in the web server process context, which can later be executed by req...

Arbitrary File Write

calipso is vulnerable to arbitrary file write. A malicious module can overwrite files on an arbitrary file system through the module install functionality...

Vembu BDR Suite 代码问题漏洞

Vembu BDR Suite is a virtual machine management system. A code issue vulnerability exists in Vembu BDR Suite, which can be exploited by an attacker to write an unauthenticated file via a GET request that specifies the name and content of the file...

CVE-2021-23391 Arbitrary File Write via Archive Extraction (Zip Slip)

This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality...

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview calipso is a Calipso is a simple NodeJS content management system based on Express, Connect & Mongoose. Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip. It is possible for a malicious module to overwrite files on an arbitrary file...

Arbitrary File Write

apport:devel is vulnerable to arbitrary file write. It is possible because of a flaw in processreport...

OBottle Arbitrary File Write Vulnerability

OBottle is a lighter, database-free blog. An arbitrary file write vulnerability exists in ct.php in OBottle version 2.0. No details of the vulnerability are provided at this time...

CVE-2020-36008

OBottle 2.0 in \c\t.php contains an arbitrary file write vulnerability...

CVE-2020-36008

OBottle 2.0 in \c\t.php contains an arbitrary file write vulnerability...

CVE-2020-36008

OBottle 2.0 in \c\t.php contains an arbitrary file write vulnerability...

CVE-2020-36008

OBottle 2.0 in \c\t.php contains an arbitrary file write vulnerability...

CVE-2020-36008

OBottle 2.0 is affected by an arbitrary file write vulnerability in ct.php (CVE-2020-36008). The connected records confirm the vulnerability exists in OBottle 2.0 and describe an arbitrary file write in ct.php, but do not provide root-cause details, affected version ranges beyond 2.0, exploit sta...

OBottle 安全漏洞

OBottle is a lighter, database-free blog. An arbitrary file write vulnerability exists in ct.php in OBottle version 2.0. No details of the vulnerability are provided at this time...