Lucene search

769 matches found

OSV
added 2023/11/01 3:15 a.m. | 2 views

CVE-2023-5514

The response messages received from the eSOMS report generation using certain parameter queries with full file path can be abused for enumerating the local file system structure...

CVSS 5.3 | AI score 5.8 | EPSS 0.0022
Exploits 0 | References 1
OSV
added 2023/10/16 8:15 p.m. | 2 views

CVE-2023-5177

The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 exposes the full path of a file when putting in a non-existent file in a parameter of the shortcode...

CVSS 5.3 | AI score 7.3 | EPSS 0.00148
Exploits 2 | References 1
Cvelist
added 2023/10/09 12:3 p.m. | 11 views

CVE-2023-43697

Modification of Assumed-Immutable Data MAID in RDT400 in SICK APU allows an unprivileged remote attacker to make the site unable to load necessary strings via changing file paths using HTTP requests...

CVSS 6.5 | AI score 6.7 | EPSS 0.00354
Exploits 0 | References 3
Vulnrichment
added 2023/10/09 12:3 p.m. | 10 views

CVE-2023-43697

Modification of Assumed-Immutable Data MAID in RDT400 in SICK APU allows an unprivileged remote attacker to make the site unable to load necessary strings via changing file paths using HTTP requests...

CVSS 6.5 | AI score 7.1 | EPSS 0.00354
Exploits 0 | References 3
Veracode
added 2023/09/29 8:3 a.m. | 22 views

Arbitrary File Write

github.com/schollz/croc is vulnerable to Arbitrary File Write through crafted file paths. The vulnerability is due to the Croc protocol, which allows senders to specify an arbitrary path for a file transfer. If the recipient doesn't already have a file with the same name, an attacker can exploit...

CVSS 7.8 | AI score 6.9 | EPSS 0.00038
Exploits 1 | References 5 | Affected Software 2
Prion
added 2023/09/25 8:15 p.m. | 26 views

Path traversal

A flaw was found in codeplex-codehaus. A directory traversal attack, also known as path traversal, aims to access files and directories stored outside the intended folder. By manipulating file names with "dot-dot-slash (../)" sequences and their variations, or by using absolute file paths, it may be possib...

CVSS 5 | AI score 7.6 | EPSS 0.00295
Exploits 0 | References 3 | Affected Software 2
Prion
added 2023/09/22 7:15 p.m. | 13 views

Directory traversal

An issue was discovered in Wind River VxWorks 6.9 and 7. The function tarExtract implements TAR file extraction and thereby also processes files within an archive that have relative or absolute file paths. A developer using the "tarExtract" function may expect that the function will strip leading...

CVSS 6.5 | AI score 8.5 | EPSS 0.00944
Exploits 1 | References 3 | Affected Software 1
0day.today
added 2023/09/11 12:00 a.m. | 291 views

soosyze 2.0.0 - File Upload Exploit

Title: soosyze 2.0.0 - File Upload Author: nu11secur1ty Vendor: https://soosyze.com/ Software: https://github.com/soosyze/soosyze/releases/tag/2.0.0 Reference: https://portswigger.net/web-security/file-upload Description: Broken file upload logic. The malicious user can upload whatever he wants t...

AI score 7.1
Exploits 0
CNNVD
added 2023/08/31 12:00 a.m. | 3 views

Schweitzer Engineering Laboratories SEL-5033 AcSELerator RTAC Security Vulnerability

Schweitzer Engineering Laboratories SEL-5033 AcSELerator RTAC is a hardware and software solution designed for power system automation and control from Schweitzer Engineering Laboratories, USA. A security vulnerability exists in the Schweitzer Engineering Laboratories SEL-5033 AcSELerator RTAC th...

CVSS 7.4 | AI score 5.7 | EPSS 0.00028
Exploits 0 | References 3
Github Security Blog
added 2023/08/01 4:59 p.m. | 21 views

@simonsmith/cypress-image-snapshot has fix for insecure snapshot file names

Impact: It's possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test. Example: `cy.get('h1').matchImageSnapshot('../../../ignore-relative-dirs')` The above will create an ignore-relative-dirs.png three levels ...

CVSS 6.5 | AI score 6.4 | EPSS 0.00415
Exploits 1 | References 6 | Affected Software 1
Veracode
added 2023/07/25 10:48 a.m. | 22 views

Improper Path Sanitisation

cloudfoundry/archiver is vulnerable to improper path sanitization. The vulnerability is due to not sanitizing relative file paths while processing archive entries. This can result in an attacker writing/overwriting files outside of the target directory, leading to denial of service or loss of...

CVSS 9.1 | AI score 6.6 | EPSS 0.00594
Exploits 0 | References 3 | Affected Software 1
WPVulnDB
added 2023/07/24 12:00 a.m. | 65 views

Jupiter X Core <= 2.5.0 - Unauthenticated Arbitrary File Download

Description: The plugin does not have authorisation checks and does not validate file paths in the handlefiledownload function, allowing unauthenticated users to download arbitrary files from the server when the premium version of the plugin is activated...

CVSS 7.5 | AI score 7.7 | EPSS 0.01718
Exploits 1
OpenVAS
added 2023/06/13 12:00 a.m. | 13 views

WordPress Otter - Gutenberg Blocks Plugin < 2.2.6 PHAR Deserialization Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:themeisle:otter"; if description...

CVSS 8.8 | AI score 7 | EPSS 0.0522
Exploits 2 | References 1
Veracode
added 2023/05/30 12:42 p.m. | 19 views

Arbitrary File Write

Jenkins Pipeline Utility Steps Plugin is vulnerable to Arbitrary File Write. The vulnerability exists due to not validating file paths of files contained within archives which allows an attacker to provide crafted archives as parameters to create or replace arbitrary files on the file system...

CVSS 8.8 | AI score 6.8 | EPSS 0.03627
Exploits 0 | References 3 | Affected Software 2
CNNVD
added 2023/05/16 12:00 a.m. | 2 views

Jenkins Plugin Sidebar Link Path Traversal Vulnerability

Jenkins and Jenkins Plugin are both open source products of Jenkins. Jenkins is a software application: an open source automation server that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A security vulnerability...

CVSS 4.3 | AI score 5.1 | EPSS 0.01358
Exploits 0 | References 4
CNNVD
added 2023/05/16 12:00 a.m. | 2 views

Jenkins Code Dx Plugin Path Traversal Vulnerability

Jenkins and Jenkins Plugin are both open source products of Jenkins. Jenkins is a software application: an open source automation server that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A security vulnerability...

CVSS 4.3 | AI score 5.2 | EPSS 0.0051
Exploits 0 | References 4
Veracode
added 2023/05/09 7:36 a.m. | 22 views

Access Control Bypass

drupal/core is vulnerable to Access Control Bypass. The vulnerability is due to the download facility failing to sufficiently sanitize file paths, resulting in private file exposure to users who shouldn't have access...

CVSS 6.5 | AI score 6.2 | EPSS 0.00361
Exploits 0 | References 5 | Affected Software 1
WPVulnDB
added 2023/05/02 12:00 a.m. | 16 views

Otter - Gutenberg Blocks < 2.2.6 - Author+ PHAR Deserialization

The plugin does not sanitize some user-controlled file paths before performing file operations on them. This leads to a PHAR deserialization vulnerability on PHP `addFromString('test.png', 'text'); $phar->setStub("\xff\xd8\xff\n"); $phar->setMetadata(new Evil); $phar->stopBuffering();` 2. As an Author user,...

CVSS 8.8 | AI score 9.1 | EPSS 0.0522
Exploits 2 | Affected Software 1
NVD
added 2023/04/26 7:15 p.m. | 8 views

CVE-2023-31250

The file download facility doesn't sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they should not have access to. Some sites may require configuration changes following this security release. Review the release notes for your...

CVSS 6.5 | AI score 6.4 | EPSS 0.00361
Exploits 0 | References 1
Prion
added 2023/04/26 7:15 p.m. | 24 views

Design/Logic Flaw

The file download facility doesn't sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they should not have access to. Some sites may require configuration changes following this security release. Review the release notes for your...

CVSS 4 | AI score 6.4 | EPSS 0.00361
Exploits 0 | References 1 | Affected Software 1