CVE-2023-27602

In Apache Linkis =1.3.1, The PublicService module uploads files without restrictions on the path to the uploaded files, and file types. We recommend users upgrade the version of Linkis to version 1.3.2. For versions =1.3.1, we suggest turning on the file path check switch in linkis.properties...

CVE-2023-27602 Apache Linkis publicsercice module unrestricted upload of file

In Apache Linkis =1.3.1, The PublicService module uploads files without restrictions on the path to the uploaded files, and file types. We recommend users upgrade the version of Linkis to version 1.3.2. For versions =1.3.1, we suggest turning on the file path check switch in linkis.properties...

Apache Linkis 代码问题漏洞

Apache Linkis is a library of the U.S. Apache Apache Foundation. Helps to easily connect various backend compute/storage engines. An arbitrary file upload vulnerability exists in Apache Linkis 1.3.1 and earlier versions, which stems from the PublicService module uploading files without restrictio...

PT-2023-13054 · Osticket · Osticket

Name of the Vulnerable Software and Affected Versions: osTicket osTicket-plugins versions prior to commit a7842d494889fd5533d13deb3c6a7789768795ae Description: The issue is a Cross Site Scripting XSS vulnerability in the audit/templates/auditlogs.tmpl.php file. This vulnerability can be exploited...

ManageEngine Access Manager Plus 4.3.0 - File-path-traversal Vulnerability

Exploit Title: ManageEngine Access Manager Plus 4.3.0 - File-path-traversal Author: nu11secur1ty Vendor: https://www.manageengine.com/ Software: https://www.manageengine.com/privileged-session-management/download.html Reference:...

ChiKoi v1.0 - SQL Injection

Title: ChiKoi-1.0 SQLi Author: nu11secur1ty Date: 01.12.2023 Vendor: https://chikoiquan.tanhongit.com/ Software: https://github.com/tanhongit/new-mvc-shop/releases/tag/v1.0 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/tanhongit/2023/ChiKoi Description: The...

CVE-2023-1682

A vulnerability has been found in Xunrui CMS 4.61 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /dayrui/My/Config/Install.txt. The manipulation leads to direct request. The attack can be launched remotely. The exploit has been disclosed to t...

PT-2023-17165 · Xunruicms · Xunruicms

Name of the Vulnerable Software and Affected Versions: Xunrui CMS version 4.61 Description: A vulnerability has been found in an unknown functionality of the file /dayrui/My/Config/Install.txt. The manipulation leads to direct request. The attack can be launched remotely. Recommendations: For...

Lavalite v9.0.0 - XSRF-TOKEN cookie File path traversal Vulnerability

Exploit Title: Lavalite v9.0.0 - XSRF-TOKEN cookie File path traversal Exploit Author: nu11secur1ty Vendor: https://lavalite.org/ Software: https://github.com/LavaLite/cms/releases/tag/v9.0.0 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/LavaLite Description: The...

JVN#35246979: ELECOM WAB-MAT registers its windows service executable with an unquoted file path

WAB-MAT provided by ELECOM CO.,LTD. is Access Point Management Tool for corporate users. WAB-MAT registers its windows service executable with an unquoted file path CWE-428. Impact If a malicious executable is placed on a certain path, it may be executed with the privilege of the Windows service...

PT-2023-21941 · Veritas · Veritas Netbackup

Name of the Vulnerable Software and Affected Versions: Veritas NetBackup versions prior to 8.3.0.2 Description: An issue was discovered that allows an unprivileged user to specify a log file path when executing a NetBackup command, potentially leading to the overwrite of existing NetBackup log...

PT-2023-17113 · Unknown · Novel-Plus

Name of the Vulnerable Software and Affected Versions: novel-plus version 3.6.2 Description: A critical issue has been found, affecting an unknown part of the file /common/sysFile/list. The manipulation of the sort argument leads to SQL injection. It is possible to initiate the attack remotely...

Veritas NetBackup 安全漏洞

Veritas Technologies Veritas NetBackup is a powerful enterprise-class data backup management software from Veritas Technologies, USA. A security vulnerability exists in Veritas NetBackup versions prior to 8.3.0.2 that originates from allowing an unprivileged user to specify the path to a log file...

CVE-2023-28758

An issue was discovered in Veritas NetBackup before 8.3.0.2. BPCD allows an unprivileged user to specify a log file path when executing a NetBackup command. This can be used to overwrite existing NetBackup log files...

SUSE CVE-2022-47951

An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, a...

Adobe Connect 11.4.5 / 12.1.5 Local File Disclosure Vulnerability

Adobe Connect versions 11.4.5 and below as well as versions 12.1.5 and below suffer from a file disclosure vulnerability. Title: adobe connect - Local File Disclosure / Download security feature bypass vulnerability Author: h4shur CVE: CVE-2023-22232 Vendor Homepage: https://www.adobe.com Softwar...

Hummingbird < 3.4.2 - Unauthenticated Path Traversal

The plugin does not validate the generated file path for page cache files before writing them, leading to a path traversal vulnerability in the page cache module. This allows an attacker to: - Enumerate file system directories where the user who starts the web server process has write access. -...

PrestaShop SQL注入漏洞

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image scaling. A security vulnerability exists in PrestaShop dpdfrance versions prior to 6.1.3, which stems from a SQL...

The vulnerability of the TeamPass password manager, related to improper external management of the username or file path, allows attackers to delete any files they desire.

The vulnerability of the TeamPass password manager is related to improper external management of the username or file path. Exploiting this vulnerability allows a malicious actor to delete any files at will...

CVE-2021-33360

An issue found in Stoqey gnuplot v.0.0.3 and earlier allows attackers to execute arbitrary code via the src/index.ts, plotCallack, childprocess, and/or filePath parameters...