
826 matches found

NVD · added 2022/10/06 6:17 p.m. · 27 views

CVE-2022-41520

TOTOLINK NR1800X V9.1.0u.6279B20210910 was discovered to contain an authenticated stack overflow via the File parameter in the UploadCustomModule function...

8.8 CVSS · 0.00865 EPSS
Exploits 1 · References 1
Cvelist · added 2022/10/06 12:00 a.m. · 23 views

CVE-2022-41520

TOTOLINK NR1800X V9.1.0u.6279B20210910 was discovered to contain an authenticated stack overflow via the File parameter in the UploadCustomModule function...

9 AI score · 0.00865 EPSS
Exploits 1 · References 1
OSV · added 2022/09/30 6:15 p.m. · 24 views

CVE-2021-33354

Directory Traversal vulnerability in htmly before 2.8.1 allows remote attackers to perform arbitrary file deletions via modified file parameter...

8.1 CVSS · 7.1 AI score
Exploits 0 · References 1
Prion · added 2022/09/30 6:15 p.m. · 21 views

Directory traversal

Directory Traversal vulnerability in htmly before 2.8.1 allows remote attackers to perform arbitrary file deletions via modified file parameter...

5.5 CVSS · 8 AI score · 0.01332 EPSS
Exploits 1 · References 1 · Affected Software 1
CVE · added 2022/09/19 3:52 p.m. · 50 views

CVE-2022-40713

CVE-2022-40713 affects NOKIA 1350OMS R14.2. Multiple Relative Path Traversal flaws exist in different endpoints via the file parameter, allowing a remote authenticated attacker to read arbitrary files on the filesystem. The NVD/NVD-derived CVSSv3.1 metrics show a base score of 6.5 (Medium) with N...

6.5 CVSS · 6.1 AI score · 0.01016 EPSS
Exploits 0 · References 1 · Affected Software 1
Cvelist · added 2022/09/19 3:52 p.m. · 23 views

CVE-2022-40713

An issue was discovered in NOKIA 1350OMS R14.2. Multiple Relative Path Traversal issues exist in different specific endpoints via the file parameter, allowing a remote authenticated attacker to read files on the filesystem arbitrarily...

6.4 AI score · 0.01016 EPSS
Exploits 0 · References 1
ATTACKERKB · added 2022/09/13 3:15 p.m. · 2 views

CVE-2022-38537

Archery v1.4.5 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the startfile, endfile, starttime, and stoptime parameters in the binlog2sql interface...

9.8 CVSS · 5.8 AI score · 0.00805 EPSS
Exploits 0 · References 4
Positive Technologies · added 2022/09/13 12:00 a.m. · 4 views

PT-2022-25010 · Nokia · Nokia 1350 Oms

Name of the Vulnerable Software and Affected Versions: NOKIA 1350 OMS version R14.2 Description: The issue is related to multiple OS Command Injection vulnerabilities. These vulnerabilities allow unauthenticated users to execute commands on the operating system. The vulnerabilities occur via...

9.8 CVSS · 9.9 AI score · 0.02023 EPSS
Exploits 0 · References 3
Positive Technologies · added 2022/09/06 12:00 a.m. · 3 views

PT-2022-16638 · WordPress · Download Manager

Name of the Vulnerable Software and Affected Versions: Download Manager plugin for WordPress versions up to and including 3.2.49 Description: The issue allows authenticated attackers with contributor privileges and above to deserialize untrusted input via the filepackage dir parameter. This can...

8.8 CVSS · 8.5 AI score · 0.01328 EPSS
Exploits 0 · References 5
CNVD · added 2022/09/06 12:00 a.m. · 26 views

PublicCMS server-side request forgery vulnerability

PublicCMS is an open source content management system (CMS) written in Java by PublicCMS, China. PublicCMS versions before 4.0.202011.b contain a server-side request forgery vulnerability that stems from the file parameter not restricting which IP addresses and domain names can be accessed. An...

9.8 CVSS · 2.9 AI score · 0.00854 EPSS
Exploits 1 · References 1
CNNVD · added 2022/09/02 12:00 a.m. · 2 views

PublicCMS code issue vulnerability

PublicCMS is an open source content management system (CMS) written in Java by PublicCMS, China. PublicCMS versions before 4.0.202011.b contain a server-side request forgery vulnerability that stems from the file parameter not restricting which IP addresses and domain names can be accessed. An...

9.8 CVSS · 6.8 AI score · 0.00854 EPSS
Exploits 1 · References 3
Positive Technologies · added 2022/08/31 12:00 a.m. · 3 views

PT-2022-23822

Name of the Vulnerable Software and Affected Versions: Carel pCOWeb HVAC BACnet Gateway versions 2.1.0, Firmware A2.1.0 through B2.1.0, Application Software 2.15.4A Software v16 13020200 Description: The Carel pCOWeb HVAC BACnet Gateway is affected by an unauthenticated arbitrary file disclosure...

7.5 CVSS · 7.5 AI score · 0.18189 EPSS
Exploits 3 · References 7
OSV · added 2022/07/18 5:15 p.m. · 3 views

CVE-2022-2101

The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the filefiles parameter in versions up to, and including, 3.2.46 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor level...

5.4 CVSS · 6 AI score · 0.00846 EPSS
Exploits 3 · References 5
OSV · added 2022/05/24 5:22 p.m. · 17 views

GHSA-4C87-9XQ5-5C35 Content-Security-Policy protection for user content disabled by Jenkins ZAP Pipeline Plugin

Jenkins sets the Content-Security-Policy header to static files served by Jenkins specifically DirectoryBrowserSupport, such as workspaces, /userContent, or archived artifacts. ZAP Pipeline Plugin prior to 1.10 globally disables the Content-Security-Policy header for static files served by Jenkin...

5.4 CVSS · 5.2 AI score · 0.00735 EPSS
Exploits 0 · References 5
OSV · added 2022/05/24 4:50 p.m. · 4 views

GHSA-QR42-82QJ-MW65 Improper Limitation of a Pathname to a Restricted Directory in Jenkins

A path traversal vulnerability in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java allowed attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an arbitrary fil...

6.5 CVSS · 6.8 AI score · 0.10225 EPSS
Exploits 1 · References 9
Github Security Blog · added 2022/05/24 4:50 p.m. · 29 views

Improper Limitation of a Pathname to a Restricted Directory in Jenkins

A path traversal vulnerability in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java allowed attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an arbitrary fil...

6.5 CVSS · 6.4 AI score · 0.10225 EPSS
Exploits 1 · References 9 · Affected Software 1
OpenVAS · added 2022/05/18 12:00 a.m. · 15 views

Webmin <= 1.991 Privilege Escalation Vulnerability

Webmin is prone to a privilege escalation vulnerability. Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you...

8.8 CVSS · 9 AI score · 0.03266 EPSS
Exploits 1 · References 3
OSV · added 2022/05/17 5:29 a.m. · 17 views

GHSA-48R9-4V93-X4WH DOMPDF Remote File Inclusion Vulnerability

PHP remote file inclusion vulnerability in dompdf.php in dompdf 0.6.0 beta1 allows remote attackers to execute arbitrary PHP code via a URL in the inputfile parameter...

7.5 CVSS · 8.8 AI score · 0.05367 EPSS
Exploits 1 · References 7
Prion · added 2022/05/15 3:15 a.m. · 33 views

Remote code execution

Webmin through 1.991, when the Authentic theme is used, allows remote code execution when a user has been manually created (i.e., not created in Virtualmin or Cloudmin). This occurs because settings-editorwrite.cgi does not properly restrict the file parameter...

6.5 CVSS · 9 AI score · 0.03266 EPSS
Exploits 1 · References 8 · Affected Software 1
OSV · added 2022/05/14 1:04 a.m. · 1 view

GHSA-3PR8-RF62-G893 Path Traversal in Jenkins

A path traversal vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java that allows attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an...

6.5 CVSS · 6 AI score · 0.04021 EPSS
Exploits 0 · References 5