
406 matches found

Veracode
added 2025/01/06 6:04 a.m. · 23 views

Remote Code Execution (RCE)

Unisharp/laravel-filemanager is vulnerable to Remote Code Execution (RCE). The vulnerability is due to improper validation of file extensions and MIME types, which allows an attacker to bypass security mechanisms by inserting the . character after the php file extension...

9.8 CVSS · 7.9 AI score · 0.04387 EPSS
Exploits 1 · References 5 · Affected Software 1
Positive Technologies
added 2024/12/11 12:00 a.m. · 2 views

PT-2024-10095 · Drupal · Drupal

Name of the Vulnerable Software and Affected Versions: Drupal, affected versions not specified. Description: The issue is related to the Allow All File Extensions for file fields feature in Drupal, which affects the handling of file uploads. This vulnerability is associated with insufficient input...

7.3 CVSS · 7.6 AI score · 0.00339 EPSS
Exploits 0 · References 7
Drupal
added 2024/12/11 12:00 a.m. · 7 views

Allow All File Extensions for file fields - Critical - Unsupported - SA-CONTRIB-2024-075

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466s-becoming-owner-maintainer-or-co-mai...

7.3 CVSS · 7.1 AI score · 0.00339 EPSS
Exploits 0 · References 2
Patchstack
added 2024/12/11 12:00 a.m. · 2 views

Drupal Allow All File Extensions for file fields module * - Authenticated Other Vulnerability Type vulnerability

Authenticated Other Vulnerability Type vulnerability discovered by Drupal Security Site in WordPress Module Allow All File Extensions for file fields versions...

7.3 CVSS · 6.8 AI score · 0.00339 EPSS
Exploits 0 · References 1 · Affected Software 1
CNNVD
added 2024/10/08 12:00 a.m. · 2 views

Livewire Input Validation Error Vulnerability

Livewire is an open source full stack framework for Laravel that allows you to build dynamic UI components without leaving PHP. An input validation error vulnerability exists in Livewire prior to version v3.5.2, which stems from unvalidated actual file extensions for filenames...

9.8 CVSS · 6.5 AI score · 0.00237 EPSS
Exploits 1 · References 5
The Hacker News
added 2024/09/03 1:16 p.m. · 18 views

New Rust-Based Ransomware Cicada3301 Targets Windows and Linux Systems

Cybersecurity researchers have unpacked the inner workings of a new ransomware variant called Cicada3301 that shares similarities with the now-defunct BlackCat (aka ALPHV) operation. "It appears that Cicada3301 ransomware primarily targets small to medium-sized businesses (SMBs), likely through...

7.3 AI score
Exploits 0
Redos
added 2024/08/14 12:00 a.m. · 27 views

ROS-20240814-05

A vulnerability in the "Save As" function of Mozilla Firefox, Firefox ESR and the Thunderbird email client on Windows operating systems is related to insufficient input data validation. Exploitatio...

8.1 CVSS · 8.6 AI score · 0.0588 EPSS
Exploits 3
BDU FSTEC
added 2024/07/31 12:00 a.m. · 3 views

The vulnerability of the Telegram instant messaging app for Android, related to the incorrect display of file extensions, allows a hacker to execute arbitrary code.

The vulnerability of the Telegram instant messaging application for Android is related to the improper display of extensions of received files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially created media files...

8.7 CVSS · 8.5 AI score · 0.17546 EPSS
Exploits 1 · References 6 · Affected Software 1
Veracode
added 2024/07/03 5:37 a.m. · 15 views

Path Traversal

yt-dlp is vulnerable to Path Traversal. The vulnerability is due to unrestricted file extensions of downloaded files resulting in arbitrary filenames and path traversal on Windows, which could allow an attacker to execute arbitrary code...

7.8 CVSS · 7.3 AI score · 0.00045 EPSS
Exploits 0 · References 10 · Affected Software 2
CNNVD
added 2024/07/01 12:00 a.m. · 3 views

GeoServer Security Vulnerabilities

GeoServer is an open source software server written in Java. It allows users to share and edit geospatial data. A security vulnerability exists in GeoServer that stems from the fact that if GeoServer is deployed on a Windows operating system using the Apache Tomcat web...

7.5 CVSS · 6.8 AI score · 0.00217 EPSS
Exploits 0 · References 4
Veracode
added 2024/06/25 9:16 a.m. · 8 views

Arbitrary Code Execution

typo3/cms is vulnerable to arbitrary file upload. The vulnerability is due to missing file extensions in $GLOBALS['TYPO3_CONF_VARS']['BE']['fileDenyPattern'], allowing backend users to upload executable files such as .phar, .shtml, .pl, or .cgi in certain web server setups...

7.1 AI score
Exploits 0
The Hacker News
added 2024/06/20 8:09 a.m. · 24 views

New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration

A new Rust-based information stealer malware called Fickle Stealer has been observed being delivered via multiple attack chains with the goal of harvesting sensitive information from compromised hosts. Fortinet FortiGuard Labs said it's aware of four different distribution methods -- namely VBA...

7 AI score
Exploits 0
Veracode
added 2024/06/14 5:52 a.m. · 10 views

Cross-site Scripting (XSS)

typo3/cms is vulnerable to cross-site scripting (XSS). The vulnerability is due to improper handling of file extensions containing malicious sequences in the output table listing, which requires access to the server's file system either directly or through synchronization to exploit...

6.4 AI score
Exploits 0
AlpineLinux
added 2024/06/11 1:15 p.m. · 17 views

CVE-2024-5692

On Windows 10, when using the 'Save As' functionality, an attacker could have tricked the browser into saving the file with a disallowed extension such as .url by including an invalid character in the extension. Note: This issue only affected Windows operating systems. Other operating systems are...

6.5 CVSS · 6.1 AI score · 0.00316 EPSS
Exploits 1
CVE
added 2024/06/09 12:15 p.m. · 46 views

CVE-2023-45188

The CVE-2023-45188 issue affects IBM Engineering Lifecycle Optimization - Publishing, versions 7.0.2 and 7.0.3. Root cause: improper validation of file extensions allows a remote attacker to upload arbitrary files, which could lead to arbitrary code execution on the vulnerable system. Mitigations...

9.8 CVSS · 6.8 AI score · 0.00184 EPSS
Exploits 0 · References 2 · Affected Software 1
Github Security Blog
added 2024/06/07 6:32 p.m. · 10 views

TYPO3 Arbitrary Code Execution via File List Module

Due to missing file extensions in $GLOBALS['TYPO3_CONF_VARS']['BE']['fileDenyPattern'], backend users are allowed to upload .phar, .shtml, .pl or .cgi files which can be executed in certain web server setups. A valid backend user account is needed in order to exploit this vulnerability. Derivatives of...

7.1 AI score
Exploits 0 · References 5 · Affected Software 1
Cvelist
added 2024/06/04 6:00 a.m. · 25 views

CVE-2024-0757 Insert or Embed Articulate Content into WordPress <= 4.3000000023 - Author+ Upload to RCE

The Insert or Embed Articulate Content into WordPress plugin through 4.3000000023 is not properly filtering which file extensions are allowed to be imported on the server, allowing the uploading of malicious code within zip files...

9.5 AI score · 0.59072 EPSS
Exploits 3 · References 1
Github Security Blog
added 2024/05/30 4:13 p.m. · 10 views

TYPO3 Arbitrary Code Execution via File List Module

Due to missing file extensions in $GLOBALS['TYPO3_CONF_VARS']['BE']['fileDenyPattern'], backend users are allowed to upload .phar, .shtml, .pl or .cgi files which can be executed in certain web server setups. A valid backend user account is needed in order to exploit this vulnerability. Derivatives of...

7.1 AI score
Exploits 0 · References 5 · Affected Software 1
OSV
added 2024/03/06 11:04 a.m. · 13 views

BIT-PHPLIST-2020-22249

Remote Code Execution vulnerability in phplist 3.5.1. The application does not check any file extensions stored in the plugin zip file. Uploading a malicious plugin that contains PHP files with extensions such as PHP, phtml or php7 results in them being copied to the plugins directory, which would lead to the...

9.8 CVSS · 9.9 AI score · 0.02647 EPSS
Exploits 1 · References 1
CNNVD
added 2024/02/29 12:00 a.m. · 2 views

Field Logic DataCube3 Permission License and Access Control Issues Vulnerability

Field Logic DataCube4 is a small measurement terminal system from Field Logic. A security vulnerability exists in Field Logic DataCube3 version 1.0 that stems from unrestricted file upload, which could allow an authenticated malicious actor to upload dangerous types of files by...

8.8 CVSS · 6.7 AI score · 0.1981 EPSS
Exploits 5 · References 5