
3230 matches found

OSV
added 2021/08/16 7:15 p.m. · 7 views

CVE-2021-34651

The Scribble Maps WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the map parameter in the /includes/admin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2...

CVSS 6.1 · AI score 5.8 · EPSS 0.00895
Exploits: 1 · References: 2
CNNVD
added 2021/08/04 12:0 a.m. · 12 views

Cisco Packet Tracer code issue vulnerability

Cisco Packet Tracer is a cross-platform visual emulation tool that allows users to create network topologies and emulate computer networks. The vulnerability can be exploited to execute arbitrary code on the affected system with the privileges of another user account by inserting a configuration...

CVSS 7.3 · AI score 6.2 · EPSS 0.00318
Exploits: 0 · References: 4
Positive Technologies
added 2021/07/29 12:0 a.m. · 5 views

PT-2021-10786 · Flatpress · Flatpress

Name of the Vulnerable Software and Affected Versions: FlatPress version 1.1 Description: A Cross Site Request Forgery CSRF issue exists, allowing unauthorized actions. The DeleteFile function in flat/admin.php is affected. Recommendations: For FlatPress version 1.1, consider disabling the...

CVSS 8.8 · AI score 8.7 · EPSS 0.00761
Exploits: 1 · References: 4
ATTACKERKB
added 2021/07/28 4:3 p.m. · 1 views

CVE-2021-23415

This affects the package elFinder.AspNet before 1.1.1. The user-controlled file name is not properly sanitized before it is used to create a file system path...

CVSS 7.5 · AI score 5.4 · EPSS 0.01732
Exploits: 1 · References: 3
Prion
added 2021/07/25 10:15 p.m. · 20 views

Path traversal

NCH FlexiServer v6.00 suffers from a syslog?file=/.. path traversal vulnerability...

CVSS 4 · AI score 6.5 · EPSS 0.01214
Exploits: 1 · References: 2 · Affected Software: 1
0day.today
added 2021/07/21 12:0 a.m. · 125 views

KevinLAB BEMS 1.0 Authenticated File Path Traversal / Information Disclosure Vulnerabilities

KevinLAB BEMS version 1.0 suffers from an authenticated arbitrary file disclosure vulnerability. Input passed through the page GET parameter in index.php is not properly verified before being used to include files. This can be exploited to disclose the contents of arbitrary and sensitive files vi...

AI score 0.3
Exploits: 0
Packet Storm
added 2021/07/20 12:0 a.m. · 233 views

KevinLAB BEMS 1.0 Authenticated File Path Traversal / Information Disclosure

KevinLAB BEMS 1.0 Authenticated File Path Traversal Information Disclosure Vendor: KevinLAB Inc. Product web page: http://www.kevinlab.com Affected version: 4ST L-BEMS 1.0.0 Building Energy Management System Summary: KevinLab is a venture company specialized in IoT, Big Data, A.I based energy...

AI score 0.2
Exploits: 0
Zero Science Lab
added 2021/07/20 12:0 a.m. · 288 views

KevinLAB BEMS 1.0 Authenticated File Path Traversal Information Disclosure

Summary: KevinLab is a venture company specialized in IoT, Big Data, A.I based energy management platform. KevinLAB's BEMS (Building Energy Management System) enables efficient energy management in buildings. It improves the efficiency of energy use by collecting and analyzing various information of...

CVSS 6.5 · AI score 6.2 · EPSS 0.01374
Exploits: 2
CNNVD
added 2021/07/15 12:0 a.m. · 3 views

Dell Wyse Management Suite information disclosure vulnerability

DELL Dell Wyse Management Suite is a scalable solution for managing and optimizing Wyse endpoints from Dell USA. The product includes centralized management of Wyse endpoints, asset tracking and automated device discovery. A security vulnerability exists in Wyse Management Suite 3.2 and prior...

CVSS 5.3 · AI score 5.6 · EPSS 0.00926
Exploits: 0 · References: 1
ATTACKERKB
added 2021/07/14 4:38 p.m. · 2 views

CVE-2021-23407

This affects the package elFinder.Net.Core from 0 and before 1.2.4. The user-controlled file name is not properly sanitized before it is used to create a file system path...

CVSS 7.5 · AI score 5.4 · EPSS 0.01997
Exploits: 1 · References: 4
Cvelist
added 2021/07/12 9:45 p.m. · 23 views

CVE-2021-32734 File path disclosure of shared files in Nextcloud Text application

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, the Nextcloud Text application shipped with Nextcloud Server returned verbatim exception messages to the user. This could result in a full path disclosure on shared files. The issu...

CVSS 3.1 · AI score 7.2 · EPSS 0.01381
Exploits: 0 · References: 4
Nextcloud
added 2021/07/12 9:23 a.m. · 30 views

File path disclosure of shared files in Nextcloud Text application

None...

CVSS 5.3 · AI score 5.4 · EPSS 0.01381
Exploits: 0 · References: 2 · Affected Software: 1
CNNVD
added 2021/07/08 12:0 a.m. · 3 views

MDT AutoSave path traversal vulnerability

MDT AutoSave is a software application. It provides an automated change management function. A path traversal vulnerability exists in MDT Autosave. An attacker could exploit this vulnerability to allow a specified path to be changed to another path, causing an existing file to be replaced with a...

CVSS 7.5 · AI score 7.4 · EPSS 0.01055
Exploits: 0 · References: 5
Prion
added 2021/07/07 2:15 p.m. · 13 views

Directory traversal

QSAN Storage Manager through directory listing vulnerability in antivirus function allows remote authenticated attackers to list arbitrary directories by injecting file path parameter. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3...

CVSS 4 · AI score 4.6 · EPSS 0.00854
Exploits: 0 · References: 1 · Affected Software: 1
Hacker One
added 2021/06/28 5:37 p.m. · 158 views

Nextcloud: Text app leaks file path of shared files

By sending a request for a share without a README.md, the whole file path will be returned to the user: PUT /apps/text/public/session/create?token=EHTs4P7kATowiMg HTTP/1.1 Host: cloud.nextcloud.com User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10.15; rv:89.0 Gecko/20100101 Firefox/89.0 Accept...

CVSS 5 · AI score 6.2 · EPSS 0.01381
Exploits: 0
CNNVD
added 2021/06/28 12:0 a.m. · 3 views

Chamilo LMS SQL injection vulnerability

Chamilo is a learning management system focused on ease of use and accessibility. A SQL injection vulnerability exists in main/inc/ajax/model.ajax.php in Chamilo 1.11.14 and earlier versions. The vulnerability can be exploited by an attacker to conduct a SQL injection attack via the searchField,...

CVSS 9.8 · AI score 5.9 · EPSS 0.15576
Exploits: 1 · References: 5
BDU FSTEC
added 2021/06/09 12:0 a.m. · 4 views

The vulnerability of the module for creating and saving structured information about company departments in the “LOCMAN Reference Guide for Structural Departments” system, which manages engineering data and the product lifecycle of LOCMAN:PLM, arises from the possibility of unlimited loading of dangerous files. This vulnerability allows attackers to execute arbitrary code.

The vulnerability of the module responsible for creating and saving structured information about company departments in the “LOCZMAN Reference Guide for Structural Departments” system, which manages engineering data and the product lifecycle of LOCZMAN:PLM, relates to the unlimited loading of...

CVSS 6.8 · AI score 6
Exploits: 0 · Affected Software: 1
OSV
added 2021/05/13 10:30 p.m. · 0 views

GHSA-2RVV-W9R2-RG7M Information Disclosure in Apache Tomcat

When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected behaviour of...

CVSS 5.9 · AI score 7.2 · EPSS 0.22852
Exploits: 0 · References: 22
Microsoft KB
added 2021/05/11 7:0 a.m. · 132 views

Description of the security update for SharePoint Server 2019: May 11, 2021 (KB5001916)

Description of the security update for SharePoint Server 2019: May 11, 2021 KB5001916 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and a Microsoft SharePoint spoofing vulnerability and information disclosure vulnerability. To learn more...

CVSS 8.8 · AI score 7.8 · EPSS 0.50628
Exploits: 7
OSV
added 2021/05/10 6:46 p.m. · 14 views

GHSA-8P9R-F949-699G Path Traversal in browserless-chrome

This affects all versions of browserless-chrome before 1.43.0. User input flowing from the workspace endpoint gets used to create a file path filePath and this is fetched and then sent back to a user. This can be escaped to fetch arbitrary files from a server...

CVSS 7.5 · AI score 7.5 · EPSS 0.02151
Exploits: 1 · References: 7