2676 matches found
MetInfo File Modification Vulnerability
MetInfo adopts PHP+Mysql architecture, it is a cms building system which is very friendly to SEO, fully functional, supports multi-language, responsive display, and extremely suitable for enterprise and company website construction. A file modification vulnerability exists in MetInfo 7.0 beta. An...
CVE-2020-20907
MetInfo 7.0 beta is affected by a file modification vulnerability. Attackers can delete and modify ini files in app/system/language/admin/languagegeneral.class.php and app/system/include/function/file.func.php...
Design/Logic Flaw
MetInfo 7.0 beta is affected by a file modification vulnerability. Attackers can delete and modify ini files in app/system/language/admin/languagegeneral.class.php and app/system/include/function/file.func.php...
CVE-2020-20907
MetInfo 7.0 beta is affected by a file modification vulnerability allowing attackers to delete and modify ini files in app/system/language/admin/language_general.class.php and app/system/include/function/file.func.php. Root cause described across multiple sources as a vulnerability in MetInfo’s f...
CVE-2020-20907
MetInfo 7.0 beta is affected by a file modification vulnerability. Attackers can delete and modify ini files in app/system/language/admin/languagegeneral.class.php and app/system/include/function/file.func.php...
CVE-2021-28798
A relative path traversal vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attackers to modify files that impact system integrity. QNAP have already fixed this vulnerability in the following versions: QTS 4.5.2.1630 Build 202104...
CVE-2021-28798
A relative path traversal vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attackers to modify files that impact system integrity. QNAP have already fixed this vulnerability in the following versions: QTS 4.5.2.1630 Build 202104...
Path traversal
A relative path traversal vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attackers to modify files that impact system integrity. QNAP have already fixed this vulnerability in the following versions: QTS 4.5.2.1630 Build 202104...
QNAP NAS 安全漏洞
A security vulnerability exists in QNAP NAS that stems from a relative path traversal vulnerability that can be exploited by an attacker to modify files affecting the integrity of the system.QNAP has fixed this vulnerability in the following versions:QTS 4.5.2.1630 Build 20210406 and later QTS...
GravCMS Remote Command Execution
This module exploits arbitrary config write/update vulnerability to achieve remote code execution. Unauthenticated users can execute a terminal command under the context of the web server user. Grav Admin Plugin is an HTML user interface that provides a way to configure Grav and create and modify...
The vulnerability of the Knowledge Management component of the SAP NetWeaver software integration platform allows a perpetrator to gain access, modify, or make existing files inaccessible.
The vulnerability of the Knowledge Management component of the SAP NetWeaver software integration platform is related to the absence of restrictions on file loading. Exploiting this vulnerability allows a malicious actor to remotely gain access, modify, or make existing files inaccessible using a...
PT-2021-8851 · Cloud Foundry +3 · Archiver +3
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is caused by improper path sanitization, allowing archives with relative file paths to write or overwrite files outside the intended directory...
The vulnerability of the file system filter driver of the Secret Net Studio protection system allows a intruder to gain unauthorized access to protected information, or to have control over the creation, addition, or deletion of files.
The vulnerability of the file system filter driver of the Secret Net Studio security system is related to incorrect handling of hard links. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information, or to have control over the ability to modify, add,...
CVE-2021-22716
A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could allow remote code execution when an unprivileged user modifies a file. Affected Product: C-Bus Toolkit V1.15.9 and prior...
CVE-2021-25159
A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below...
CVE-2021-25159
A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below...
CVE-2021-25160
A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below...
Design/Logic Flaw
A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below...
Design/Logic Flaw
A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below...
CVE-2021-25160
CVE-2021-25160 is a remote arbitrary file-write vulnerability in Aruba Instant (IAP) web UI/exposed interfaces. Multiple Aruba Instant versions are affected (e.g., 6.4.x up to 6.4.4.8-4.2.4.17; 6.5.x up to 6.5.4.18; 8.3.x up to 8.3.0.14; 8.5.x up to 8.5.0.11; 8.6.x up to 8.6.0.7; 8.7.x up to 8.7....