AZL-35380 CVE-2023-31972 affecting package yasm 1.3.0-17

yasm v1.3.0 was discovered to contain a use after free via the function ppgetline at /nasm/nasm-pp.c. Note: Multiple third parties dispute this as a bug and not a vulnerability according to the YASM security policy...

Xxe

External Control of File Name or Path in GitHub repository unilogies/bumsys prior to 2.2.0...

PT-2023-20148 · Bumsys · Bumsys

Name of the Vulnerable Software and Affected Versions: bumsys versions prior to 2.2.0 Description: The issue concerns external control of file name or path in the GitHub repository unilogies/bumsys. Recommendations: For versions prior to 2.2.0, update to version 2.2.0 or later to resolve the issu...

PT-2023-19999 · Unknown · Control Id Rhid

Name of the Vulnerable Software and Affected Versions: Control iD RHiD version 23.3.19.0 Description: A critical vulnerability has been found in Control iD RHiD, affecting an unknown part of the file /v2//. The manipulation leads to direct request and can be initiated remotely. The vendor was...

SoftExpert Suite 2.1.3 Local File Inclusion

Exploit Title: SoftExpert SE Suite v2.1.3 - Local File Inclusion Date: 27-04-2023 Exploit Author: Felipe Alcantara Filiplain Vendor Homepage: https://www.softexpert.com/ Version: 2.0 target=$1 u=$2 p=$3 file=$echo -n "$4"|base64 -w 0 end="\0330m\e0m" red="\e0;31m\0331m" blue="\e0;34m\0331m" echo ...

CVE-2023-2424

A vulnerability was found in DedeCMS 5.7.106 and classified as critical. Affected by this issue is the function UpDateMemberModCache of the file uploads/dede/config.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the publi...

PT-2023-2981 · D Link · D-Link Dir-300

Name of the Vulnerable Software and Affected Versions: D-Link DIR-300 firmware versions =REVA1.06 and =REVB2.06 Description: The issue is related to incorrect external control of a file name or path in the /model/ lang msg.php script of the D-Link DIR-300 router's firmware. This can be exploited ...

PT-2023-19474 · Mlecms · Mlecms

Name of the Vulnerable Software and Affected Versions: MLECMS version 3.0 Description: A critical issue affects the get url function in the library /upload/inc/lib/admin of the file uploadincincludecommon.func.php. The manipulation of the argument $ SERVER'REQUEST URI' leads to SQL injection. The...

PT-2023-19139 · Unknown · Sourcecodester Online Dj Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online DJ Management System version 1.0 Description: A critical vulnerability has been found in the SourceCodester Online DJ Management System. The issue affects an unknown function of the file admin/events/manage event.php,...

Access bypass in Drupal core

The file download facility doesn't sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they should not have access to. Some sites may require configuration changes following this security release. Review the release notes for your...

UBUNTU-CVE-2023-31250

The file download facility doesn't sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they should not have access to. Some sites may require configuration changes following this security release. Review the release notes for your...

CVE-2023-2216

A vulnerability classified as problematic was found in Campcodes Coffee Shop POS System 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Users.php. The manipulation of the argument firstname leads to cross site scripting. The attack can be launched remotely. Th...

UBUNTU-CVE-2021-3429

When instructing cloud-init to set a random password for a new user account, versions before 21.2 would write that password to the world-readable log file /var/log/cloud-init-output.log. This could allow a local user to log in as another user...

UBUNTU-CVE-2023-29538

Under specific circumstances a WebExtension may have received a jar:file:/// URI instead of a moz-extension:/// URI during a load request. This leaked directory paths on the user's machine. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

Design/Logic Flaw

WAB-MAT Ver.5.0.0.8 and earlier starts another program with an unquoted file path. Since a registered Windows service path contains spaces and are unquoted, if a malicious executable is placed on a certain path, the executable may be executed with the privilege of the Windows service...

CVE-2023-22282

WAB-MAT Ver.5.0.0.8 and earlier starts another program with an unquoted file path. Since a registered Windows service path contains spaces and are unquoted, if a malicious executable is placed on a certain path, the executable may be executed with the privilege of the Windows service...

CVE-2023-22282

WAB-MAT Ver.5.0.0.8 and earlier starts another program with an unquoted file path. Since a registered Windows service path contains spaces and are unquoted, if a malicious executable is placed on a certain path, the executable may be executed with the privilege of the Windows service...

Online Computer and Laptop Store SQL注入漏洞

Online Computer and Laptop Store is an online computer and laptop store by Carlo Montero's personal developer. Online Computer and Laptop Store v1.0 is vulnerable to a SQL injection vulnerability in the file /classes/Master.php?f=updateorderstatus, where the parameter id of the function...

CVE-2023-22282

WAB-MAT Ver.5.0.0.8 and earlier registers its Windows service executable with an unquoted file path. If a malicious executable is placed on the unquoted path, it may be executed with the privilege of the Windows service, enabling local privilege escalation. Affected software: ELECOM WAB-MAT (Wind...

The vulnerability affects the automount demons of the Tor browser, Firefox, Firefox ESR, and the Thunderbird email client, allowing a hacker to bypass security restrictions.

The vulnerability in Tor browser, Firefox, Firefox ESR, and Thunderbird email client’s automatic uninstallation feature is related to insufficient protection of service data during file path processing. Exploiting this vulnerability allows a malicious actor to bypass security restrictions remotel...