459 matches found
CVE-2022-45697
Arbitrary File Delete vulnerability in Razer Central before v7.8.0.381 when handling files in the Accounts directory...
CVE-2023-23698
Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete...
Design/Logic Flaw
Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete...
CVE-2023-23698
Dell Command | Update, Dell Update, and Alienware Update prior to 4.6.0 and 4.7.1 are affected. The installer component performs an insecure operation on Windows Junction, allowing a local attacker to delete arbitrary files without user interaction. Impact: high for availability/integrity; exploi...
CVE-2023-23698
Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete...
CVE-2022-4748
A vulnerability was found in FlatPress. It has been classified as critical. This affects the function doItemActions of the file fp-plugins/mediamanager/panels/panel.mediamanager.file.php of the component File Delete Handler. The manipulation of the argument deletefile leads to path traversal. The...
CVE-2022-4748
A vulnerability was found in FlatPress. It has been classified as critical. This affects the function doItemActions of the file fp-plugins/mediamanager/panels/panel.mediamanager.file.php of the component File Delete Handler. The manipulation of the argument deletefile leads to path traversal. The...
Path traversal
A vulnerability was found in FlatPress. It has been classified as critical. This affects the function doItemActions of the file fp-plugins/mediamanager/panels/panel.mediamanager.file.php of the component File Delete Handler. The manipulation of the argument deletefile leads to path traversal. The...
CVE-2022-4748
CVE-2022-4748 affects FlatPress; vulnerable component is the function doItemActions in fp-plugins/mediamanager/panels/panel.mediamanager.file.php (File Delete Handler). The issue arises from improper handling of the argument deletefile , enabling path traversal . Root cause: manipulation of delet...
CVE-2022-4748 FlatPress File Delete panel.mediamanager.file.php doItemActions path traversal
A vulnerability was found in FlatPress. It has been classified as critical. This affects the function doItemActions of the file fp-plugins/mediamanager/panels/panel.mediamanager.file.php of the component File Delete Handler. The manipulation of the argument deletefile leads to path traversal. The...
PT-2022-28064 · Flatpress · Flatpress
Name of the Vulnerable Software and Affected Versions: FlatPress affected versions not specified Description: A critical issue was found in FlatPress, affecting the function doItemActions of the file fp-plugins/mediamanager/panels/panel.mediamanager.file.php of the component File Delete Handler...
FlatPress 路径遍历漏洞
FlatPress is a Php-based blog builder without database support from the FlatPress community. FlatPress has a path traversal vulnerability , the vulnerability stems from the component File Delete Handler in the fp-plugins/mediamanager/panels/panel.mediamanager.file.php file of the function...
SmarterTools SmarterMail Directory Traversal (CVE-2019-7213)
A directory traversal vulnerability exists in SmarterTools SmarterMail. Successful exploitation of this vulnerability could allow a remote attacker to upload or delete arbitrary files on the vulnerable server...
CVE-2022-33882
Under certain conditions, an attacker could create an unintended sphere of control through a vulnerability present in file delete operation in Autodesk desktop app ADA. An attacker could leverage this vulnerability to escalate privileges and execute arbitrary code...
CVE-2022-33882
Under certain conditions, an attacker could create an unintended sphere of control through a vulnerability present in file delete operation in Autodesk desktop app ADA. An attacker could leverage this vulnerability to escalate privileges and execute arbitrary code...
CVE-2022-33882
CVE-2022-33882 affects Autodesk Desktop App (ADA). Multiple sources describe a vulnerability in ADA’s file-delete/update handling that can be exploited to create an unintended sphere of control, enabling privilege escalation and execution of arbitrary code. ZDI advisories frame this as a local pr...
CVE-2022-42002
SonicJS through 0.6.0 allows file overwrite. It has the following mutations that are used for updating files: fileCreate and fileUpdate. Both of these mutations can be called without any authentication to overwrite any files on a SonicJS application, leading to Arbitrary File Write and Delete...
CVE-2022-42002
CVE-2022-42002 affects SonicJS up to version 0.6.0. The vulnerability stems from unauthenticated access to the file mutation mutations, specifically fileCreate and fileUpdate , which can overwrite arbitrary files on a SonicJS application. This leads to Arbitrary File Write and Delete . Connection...
CVE-2022-42002
SonicJS through 0.6.0 allows file overwrite. It has the following mutations that are used for updating files: fileCreate and fileUpdate. Both of these mutations can be called without any authentication to overwrite any files on a SonicJS application, leading to Arbitrary File Write and Delete...
PT-2022-21884 · Autodesk · Autodesk Desktop App
Name of the Vulnerable Software and Affected Versions: Autodesk Desktop App affected versions not specified Description: The issue allows an attacker to create an unintended sphere of control through a vulnerability in the file delete operation. This can be leveraged to escalate privileges and...