
7183 matches found

CNVD
added 2018/08/08 12:00 a.m., 0 views

Code execution vulnerability in HongCMS v3.0 la***.php page

HongCMS is an open source lightweight content management system (CMS). A code execution vulnerability exists in the la.php page of HongCMS v3.0. It stems from the backend failing to strictly filter the login management file; an attacker can exploit the vulnerability, resulting in arbitrary file writi...

8.1 AI score
Exploits: 0
ICS
added 2018/08/07 12:00 a.m., 72 views

ICSA-18-226-01 Siemens SIMATIC STEP 7 and SIMATIC WinCC (Update A)

1. EXECUTIVE SUMMARY: CVSS v3 8.6; ATTENTION: Exploitable locally/low skill level to exploit; Vendor: Siemens; Equipment: SIMATIC STEP 7 TIA Portal and SIMATIC WinCC TIA Portal; Vulnerabilities: Incorrect Default Permissions. 2. UPDATE INFORMATION: This updated advisory is a follow-up to the original...

8.6 CVSS, 8.5 AI score, 0.00443 EPSS
Exploits: 0, References: 9
CNVD
added 2018/08/05 12:00 a.m., 1 views

File Upload Vulnerability in PHPOKCMS Version 4.9.015

PHPOKCMS is an enterprise website CMS developed in PHP and MySQL. A file upload vulnerability exists in PHPOKCMS version 4.9.015. An attacker can exploit this vulnerability to write arbitrary files and obtain webmaster privileges...

7.3 AI score
Exploits: 0
Node.js
added 2018/08/03 3:15 p.m., 617 views

Arbitrary File Write via Archive Extraction

Overview: Versions of adm-zip before 0.4.9 are vulnerable to arbitrary file write when used to extract a specifically crafted archive that contains path traversal filenames (../../file.txt, for example). Recommendation: Update to version 0.4.9 or later. References: GitHub Pull Request; Zip Slip...

4.3 CVSS, 4.4 AI score, 0.15359 EPSS
Exploits: 1, Affected Software: 1
Node.js
added 2018/08/03 3:08 p.m., 556 views

Arbitrary File Write via Archive Extraction

Overview: Versions of unzipper before 0.8.13 are vulnerable to arbitrary file write when used to extract a specifically crafted archive that contains path traversal filenames (../../file.txt, for example). Recommendation: Update to version 0.3.18 or later. References: GitHub Pull Request; Zip Slip...

4.3 CVSS, 3.7 AI score, 0.11917 EPSS
Exploits: 1, Affected Software: 1
CNVD
added 2018/08/02 12:00 a.m., 0 views

Code Execution Vulnerability in the File Management System of Laoban CMS Backend

The Laoban CMS content management system (referred to as Laoban CMS) is an open source website-building system developed by Laoban for the PHP + MySQL environment. A code execution vulnerability exists in the backend file management of Laoban CMS. An attacker can exploit the vulnerability to...

8.2 AI score
Exploits: 0
CNVD
added 2018/08/02 12:00 a.m., 2 views

SeedDMS Path Traversal Vulnerability

SeedDMS (formerly known as LetoDMS and MyDMS) is an open source document management system based on PHP and MySQL, jointly developed by SeedDMS enthusiasts. The system is mainly used to store and share documents. A directory traversal vulnerability exists in SeedDMS versions prior to 5.1.8. An...

6.5 CVSS, 6.8 AI score, 0.01969 EPSS
Exploits: 0, References: 1
Tenable Nessus
added 2018/08/02 12:00 a.m., 48 views

RHEL 6 : chromium-browser (RHSA-2018:2282)

The remote Red Hat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:2282 advisory. Chromium is an open-source web browser, powered by WebKit (Blink). This update upgrades Chromium to version 68.0.3440.75. Security Fixes:...

9.6 CVSS, 8.3 AI score, 0.03296 EPSS
Exploits: 0, References: 64
OSV
added 2018/07/31 8:29 p.m., 1 views

CVE-2018-14281

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8 CVSS, 6.2 AI score
Exploits: 0, References: 2
OSV
added 2018/07/31 8:29 p.m., 2 views

CVE-2018-14280

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8 CVSS, 6.2 AI score
Exploits: 0, References: 2
OSV
added 2018/07/31 2:29 p.m., 1 views

CVE-2018-12939

A directory traversal flaw in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8 allows an authenticated attacker to write to or potentially delete arbitrary files via a .. (dot dot) in the "op/op.UploadChunks.php" "qquuid" parameter. NOTE: this can be leveraged to execute arbitrary code by using...

6.5 CVSS, 6.1 AI score, 0.01969 EPSS
Exploits: 0, References: 2
CNVD
added 2018/07/31 12:00 a.m., 2 views

mholt/archiver golang package directory traversal vulnerability

The mholt/archiver golang package is a package for compression/uncompression. A directory traversal vulnerability exists in versions of the mholt/archiver golang package prior to e4ef56d48eb029648b0e895bb0b6a393ef0829c3, which can be exploited to write arbitrary files with the help of a specially crafte...

5.5 CVSS, 5.9 AI score, 0.0253 EPSS
Exploits: 1, References: 1
Tenable Nessus
added 2018/07/30 12:00 a.m., 46 views

FreeBSD : chromium -- multiple vulnerabilities (b9c525d9-9198-11e8-beba-080027ef1a23)

Google Chrome Releases reports: 42 security fixes in this release, including: - 850350 High CVE-2018-6153: Stack buffer overflow in Skia. Reported by Zhen Zhou of NSFOCUS Security Team on 2018-06-07 - 848914 High CVE-2018-6154: Heap buffer overflow in WebGL. Reported by Omair on 2018-06-01 -...

9.6 CVSS, 8 AI score, 0.03296 EPSS
Exploits: 0, References: 34
OSV
added 2018/07/27 5:07 p.m., 0 views

GHSA-3V6H-HQM4-2RG6 Arbitrary File Write in adm-zip

Versions of adm-zip before 0.4.9 are vulnerable to arbitrary file write when used to extract a specifically crafted archive that contains path traversal filenames (../../file.txt, for example). Recommendation: Update to version 0.4.9 or later...

5.5 CVSS, 7 AI score, 0.15359 EPSS
Exploits: 1, References: 11
OSV
added 2018/07/27 5:06 p.m., 24 views

GHSA-884W-698F-927F Arbitrary File Write via Archive Extraction in unzipper

Versions of unzipper before 0.8.13 are vulnerable to arbitrary file write when used to extract a specifically crafted archive that contains path traversal filenames (../../file.txt, for example). Recommendation: Update to version 0.3.18 or later...

5.5 CVSS, 5.8 AI score, 0.11917 EPSS
Exploits: 1, References: 9
GitHub Security Blog
added 2018/07/27 5:06 p.m., 28 views

Arbitrary File Write via Archive Extraction in unzipper

Versions of unzipper before 0.8.13 are vulnerable to arbitrary file write when used to extract a specifically crafted archive that contains path traversal filenames (../../file.txt, for example). Recommendation: Update to version 0.3.18 or later...

5.5 CVSS, 5 AI score, 0.11917 EPSS
Exploits: 1, References: 9, Affected Software: 1
CNVD
added 2018/07/26 12:00 a.m., 2 views

ADM-ZIP Directory Traversal Vulnerability

The adm-zip npm library is a Node.js-based JavaScript implementation that allows users to create and extract zip files in memory or on disk. A directory traversal vulnerability exists in versions of the adm-zip npm library prior to 0.4.9. An attacker can exploit this vulnerability to write arbitrary files...

5.5 CVSS, 5.8 AI score, 0.15359 EPSS
Exploits: 1, References: 1
CNVD
added 2018/07/26 12:00 a.m., 1 views

plexus-archiver directory traversal vulnerability

plexus-archiver is a library for compression/decompression. A directory traversal vulnerability exists in plexus-archiver versions prior to 3.6.0. An attacker can exploit this vulnerability to write to a file using a specially crafted zip archive with a directory traversal name...

5.5 CVSS, 5.7 AI score, 0.13179 EPSS
Exploits: 1, References: 1
CNVD
added 2018/07/26 12:00 a.m., 1 views

zt-zip directory traversal vulnerability

zt-zip is a library for compression/decompression. A directory traversal vulnerability exists in zt-zip versions prior to 1.13. An attacker can exploit this vulnerability to write arbitrary files using a specially crafted zip archive with a directory traversal name...

5.8 CVSS, 6.3 AI score, 0.1035 EPSS
Exploits: 1, References: 1
CNVD
added 2018/07/26 12:00 a.m., 5 views

zip4j directory traversal vulnerability

zip4j is a Java-based library for compression/decompression. A directory traversal vulnerability exists in zip4j versions prior to 1.3.3. The vulnerability can be exploited to write arbitrary files using a specially crafted zip archive with a directory traversal name...

6.5 CVSS, 6.9 AI score, 0.13088 EPSS
Exploits: 1, References: 1