3230 matches found

OSV
added 2022/05/12 3:15 p.m. · 5 views

CVE-2022-29986

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=deletefacility...

CVSS 9.8 · AI score 5.8 · EPSS 0.01068
Exploits 1 · References 1

Vulnrichment
added 2022/05/06 1:10 a.m. · 5 views

CVE-2022-24877 Improper path handling in kustomization files allows path traversal

Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious kustomization.yaml allows an attacker to expose sensitive data from the controller’s pod filesystem and possibly privilege escalation in multi-tenancy deployments...

CVSS 9.9 · AI score 9.3 · EPSS 0.01084
Exploits 0 · References 1

Veracode
added 2022/05/05 6:18 a.m. · 26 views

Path Traversal

flux2 and kustomize-controller are vulnerable to path traversal. Kustomization file paths are not sanitized, allowing an attacker to use built-in features to send a malicious kustomization.yaml to expose sensitive data...

CVSS 9.9 · AI score 4.1 · EPSS 0.01084
Exploits 0 · References 2 · Affected Software 2
Prion
added 2022/05/03 8:15 p.m. · 14 views

Path traversal

Path traversal vulnerability in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to list file names in an arbitrary directory as the system user. The patch addresses the incorrect implementation of the file path validation check logic...

CVSS 2.1 · AI score 4.3 · EPSS 0.00117
Exploits 0 · References 1 · Affected Software 1
CVE
added 2022/05/03 7:41 p.m. · 58 views

CVE-2022-28784

CVE-2022-28784 describes a path traversal vulnerability in Samsung Galaxy Themes prior to SMR May-2022 Release 1. The issue stems from incorrect file path validation logic, allowing a system user to list file names in arbitrary directories. Affected component: Galaxy Themes (on Samsung devices) w...

CVSS 4 · AI score 4.3 · EPSS 0.00117
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2022/05/03 7:41 p.m. · 21 views

CVE-2022-28784

Path traversal vulnerability in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to list file names in an arbitrary directory as the system user. The patch addresses the incorrect implementation of the file path validation check logic...

CVSS 4 · AI score 4.7 · EPSS 0.00117
Exploits 0 · References 1
CNNVD
added 2022/05/03 12:00 a.m. · 3 views

Fortinet FortiClient security vulnerability

Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance, and two-factor authentication when connected to a FortiGate firewall appliance. A security vulnerability exists in Fortinet FortiClient...

CVSS 8.4 · AI score 7.4 · EPSS 0.00215
Exploits 0 · References 4

ATTACKERKB
added 2022/05/02 2:15 p.m. · 1 view

CVE-2022-27982

RG-NBR-E Enterprise Gateway RG-NBR2100G-E was discovered to contain a remote code execution (RCE) vulnerability via the fileName parameter at /guestauth/cfg/upLoadCfg.php...

CVSS 9.8 · AI score 6.5 · EPSS 0.01952
Exploits 0 · References 2
OSV
added 2022/04/28 3:15 p.m. · 3 views

CVE-2022-28114

DSCMS v3.0 was discovered to contain an arbitrary file deletion vulnerability via /controller/Adv.php...

CVSS 9.1 · AI score 5.9 · EPSS 0.01024
Exploits 1 · References 1

ATTACKERKB
added 2022/04/26 9:15 p.m. · 1 view

CVE-2022-28058

Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\filecontroller.php...

CVSS 8.1 · AI score 6 · EPSS 0.01171
Exploits 1 · References 3

BDU FSTEC
added 2022/04/22 12:00 a.m. · 6 views

A vulnerability in the MSExchangeADTopology service of Microsoft Exchange Server allows an attacker to escalate their privileges.

The vulnerability in the MSExchangeADTopology service of Microsoft Exchange Server stems from the possibility of file path bypass. An attacker can exploit it to escalate their privileges by specifying a file name without quotes...

CVSS 7.5 · AI score 5.5
Exploits 0 · References 2

BDU FSTEC
added 2022/04/22 12:00 a.m. · 4 views

A vulnerability in the MSExchangeMailboxAssistants service of Microsoft Exchange Server allows an attacker to escalate their privileges.

The vulnerability in the MSExchangeMailboxAssistants service of Microsoft Exchange Server stems from the possibility of file path bypass. An attacker can exploit it to escalate their privileges by specifying a file path without quotes...

CVSS 7.5 · AI score 5.5
Exploits 0 · References 1

Positive Technologies
added 2022/04/22 12:00 a.m. · 4 views

PT-2022-5522 · Freerdp +6 · Freerdp +6

Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 2.7.0. Description: The issue is related to the authentication procedure in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). Server-side authentication against a SAM file might be successful for...

CVSS 10 · AI score 6.7 · EPSS 0.0375
Exploits 16 · References 171

CNNVD
added 2022/04/21 12:00 a.m. · 6 views

Simple Real Estate Portal System SQL injection vulnerability

Simple Real Estate Portal System is a real estate portal system by the personal developer Carlo Montero. Simple Real Estate Portal System v1.0 has a security vulnerability that can be exploited by an attacker via /reps/classes/Master.php?f=deleteestate...

CVSS 9.8 · AI score 8.3 · EPSS 0.0142
Exploits 1 · References 2

CNNVD
added 2022/04/21 12:00 a.m. · 4 views

Car Driving School Management System SQL injection vulnerability

A SQL injection vulnerability exists in Car Driving School Management System, a driving school management system, which originates from /cdsms/classes/Master.php?f=delete package...

CVSS 9.8 · AI score 5.8 · EPSS 0.01461
Exploits 1 · References 2

CNNVD
added 2022/04/21 12:00 a.m. · 4 views

Home Owners Collection Management System SQL injection vulnerability

A SQL injection vulnerability exists in Home Owners Collection Management System v1.0, which originates in /hocms/classes/Master.php. The vulnerability is caused by a lack of filtering and escaping of SQL data in ?f=deletephase. An attacker could exploit this vulnerability to cause SQL injection...

CVSS 9.8 · AI score 6 · EPSS 0.01233
Exploits 1 · References 2
ATTACKERKB
added 2022/04/19 12:00 a.m. · 310 views

CVE-2022-1119

The Simple File List WordPress plugin is vulnerable to Arbitrary File Download via the eeFile parameter found in the /includes/ee-downloader.php file due to missing controls, which makes it possible for unauthenticated attackers to supply a path to a file that will subsequently be downloaded, in...

CVSS 7.5 · AI score 7.5 · EPSS 0.19613
In the wild · Exploits 2 · References 6

ATTACKERKB
added 2022/04/15 9:15 p.m. · 5 views

CVE-2022-29281

Notable before 1.9.0-beta.8 doesn't effectively prevent the opening of executable files when clicking on a link. There is improper validation of the file URI scheme. A hyperlink to an SMB share could lead to execution of an arbitrary program or theft of NTLM credentials via an SMB relay attack,...

CVSS 8.8 · AI score 6.2 · EPSS 0.01441
Exploits 0 · References 4

NVD
added 2022/04/14 10:15 p.m. · 24 views

CVE-2022-24854

Metabase is an open source business intelligence and analytics application. SQLite has an FDW-like feature called ATTACH DATABASE, which allows connecting multiple SQLite databases via the initial connection. If the attacker has SQL permissions to at least one SQLite database, then it can attach...

CVSS 8.8 · EPSS 0.00982
Exploits 0 · References 2

BDU FSTEC
added 2022/04/13 12:00 a.m. · 5 views

A vulnerability in PHP Smarty template handling, related to defects in the processing of the trusted-directory array $trusted_dir, allows attackers to gain unauthorized access to protected information.

The vulnerability in PHP Smarty templates is related to deficiencies in handling the array of trusted directories $trusted_dir. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information using the include operator in the file:./../../../../../etc/passwd...

CVSS 5.9 · AI score 6.5 · EPSS 0.02664
Exploits 1 · References 5 · Affected Software 2