GHSA-VXJG-HCHX-CC4G @simonsmith/cypress-image-snapshothas fix for insecure snapshot file names

Impact It's possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test. Example: js cy.get'h1'.matchImageSnapshot'../../../ignore-relative-dirs' The above will create an ignore-relative-dirs.png three levels ...

Desdev DedeCMS 代码注入漏洞

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open-source content management system CMS of China Zhuozhuo network Desdev company. The system has the functions of content publishing, content management, content editing and content retrieval. A security vulnerability exists ...

Art Gallery Management System SQL注入漏洞

Art Gallery Management System is an art gallery management system. An SQL injection vulnerability exists in Art Gallery Management System v1.0, which originates from the lack of validation of the parameter cid in /agms/product.php against external SQL input. An attacker can exploit this...

[SECURITY] [DSA 5460-1] curl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5460-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 26, 2023 https://www.debian.org/security/faq -...

PT-2023-4394 · Mariadb · Mariadb Maxscale

Name of the Vulnerable Software and Affected Versions: MariaDB MaxScale versions prior to 2.5.28 MariaDB MaxScale versions prior to 6.4.9 MariaDB MaxScale versions prior to 22.08.8 MariaDB MaxScale versions prior to 23.02.3 Description: An issue was discovered in MariaDB MaxScale where a user...

CVE-2023-3842

CVE-2023-3842 affects Pointware EasyInventory 1.0.12.0. The vulnerability stems from an unquoted search path in the vulnerable binary Easy2W.exe located under C:\Program Files (x86)\EasyInventory. This enables a local attacker to exploit the issue, with the impact described as high confidentialit...

PT-2023-26398 · Dedebiz · Dedebiz

Name of the Vulnerable Software and Affected Versions: DedeBIZ version 6.2.10 Description: A problematic issue has been found in DedeBIZ, affecting some unknown functionality of the file /admin/sys sql query.php. The manipulation of the sqlquery argument leads to sql injection. The attack can be...

CVE-2023-3836

A vulnerability classified as critical was found in Dahua Smart Park Management up to 20230713. This vulnerability affects unknown code of the file /emap/devicePointaddImgIco?hasSubsystem=true. The manipulation of the argument upload leads to unrestricted upload. The attack can be initiated...

The vulnerability of the monitoring software for the status and functions of Advantech R-SeeNet routers allows a intruder to gain unauthorized access to local files.

The vulnerability of the monitoring software for the functions and status of Advantech R-SeeNet routers is related to improper external manipulation of the file name or file path. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to local...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Imagemagick

auto-cve-2022-44268 Automating expl...

Campcodes Retro Cellphone Online Store 跨站脚本漏洞

Campcodes Retro Cellphone Online Store is a retro cellphone online store by Campcodes. A cross-site scripting vulnerability exists in Campcodes Retro Cellphone Online Store version 1.0, which stems from the parameter un in the file /admin/addusermodal.php can lead to cross-site scripting...

CVE-2023-3626

A vulnerability, which was classified as critical, has been found in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System up to 20230706. This issue affects some unknown processing of the file /Duty/AjaxHandle/UpLoadFloodPlanFile.ashx of the component...

Arbitrary File Read

MechanicalSoup is vulnerable to Arbitrary File Read. The vulnerability is due to improper file path sanitization which allows an attacker to read arbitrary files on the web server using the tag inside an HTML form...

Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System 代码问题漏洞

Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System is a flash flood prevention monitoring and early warning system from Suncreate. A code issue vulnerability exists in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System 20230706 and earli...

Security Bulletin: IBM Engineering Workflow Management (EWM) vulnerability CVE-2023-3315

Summary Vulnerability CVE-2023-3315 affects the Team Concert plugin of IBM Engineering Workflow Management EWM. Vulnerability Details CVEID:CVE-2023-3315 DESCRIPTION: Jenkins Team Concert could allow a remote authenticated attacker to obtain sensitive information, caused by improper permission...

GHSA-WJ7Q-GJG8-3CPM league/oauth2-server key exposed in exception message when passing as a string and providing an invalid pass phrase

Impact Servers that passed their keys to the CryptKey constructor as as string instead of a file path will have had that key included in a LogicException message if they did not provide a valid pass phrase for the key where required. Patches This issue has been patched so that the provided key is...

Apache Linkis Unrestricted File Upload vulnerability

In Apache Linkis =1.3.1, The PublicService module uploads files without restrictions on the path to the uploaded files, and file types. We recommend users upgrade the version of Linkis to version 1.3.2. For versions =1.3.1, we suggest turning on the file path check switch in linkis.properties...

Design/Logic Flaw

league/oauth2-server is an implementation of an OAuth 2.0 authorization server written in PHP. Starting in version 8.3.2 and prior to version 8.5.3, servers that passed their keys to the CryptKey constructor as as string instead of a file path will have had that key included in a LogicException...

VulnCheck KEV: CVE-2022-39952

A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an unauthenticated attacker to execute unauthorized code or commands via...

CVE-2023-27469

Malwarebytes Anti-Exploit 4.4.0.220 is vulnerable to arbitrary file deletion and denial of service via an ALPC message in which FullFileNamePath lacks a '\0' character...