Design/Logic Flaw

The file download facility doesn't sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they should not have access to. Some sites may require configuration changes following this security release. Review the release notes for your...

Arbitrary File Write

MindsDB is vulnerable to Arbitrary File Write. The vulnerability exists due to an unsafe extraction process in file.py which does not ensure relative file paths are escaped allowing an attacker to write arbitrary files outside the expected directory...

Online Computer and Laptop Store Path Traversal Vulnerability

Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero's personal developer. A path traversal vulnerability exists in Online Computer and Laptop Store v1.0. The vulnerability stems from the fact that the parameter path in the file /classes/Master.php?f=deleteim...

CVE-2023-1381 WP Meta SEO < 4.5.5 - Author+ PHAR Deserialization

The WP Meta SEO WordPress plugin before 4.5.5 does not validate image file paths before attempting to manipulate the image files, leading to a PHAR deserialization vulnerability. Furthermore, the plugin contains a gadget chain which may be used in certain configurations to achieve remote code...

ELECOM WAB-MAT 代码问题漏洞

ELECOM WAB-MAT is a management tool for enterprise access points from ELECOM. A security vulnerability exists in ELECOM WAB-MAT version 5.0.0.8 and earlier, which originates from the use of unquoted file paths to register its Windows service executable...

AZL-25707 CVE-2023-28617 affecting package emacs for versions less than 28.2-5

org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters...

Path Traversal

github.com/gookit/goutil is vulnerable to Path Traversal Zip Slip. The vulnerability exists because the Unzip function in operate.go does not properly sanitize the relative file paths, allowing an attacker to access files outside the expected directory...

CVE-2023-25579

Nextcloud server is a self hosted home cloud product. In affected versions the OC\Files\Node\Folder::getFullPath function was validating and normalizing the string in the wrong order. The function is used in the newFile and newFolder items, which may allow to creation of paths outside of ones own...

SUSE CVE-2017-5223

An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method applies transformations to an HTML document to make it usable as an email message body. One of the transformations is to convert relative image URLs into attachments using a script-provided base directory. If no base...

SUSE CVE-2020-26954

When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on...

Jenkins Plugin Semantic Versioning 代码问题漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A code issue vulnerabilit...

Mozilla: Arbitrary file read from GTK drag and drop on Linux

The Mozilla Foundation Security Advisory describes this flaw as: Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to DataTransfer.setData...

Path Traversal

github.com/uber/kraken is vulnerable to Path Traversal. The vulnerability exists because the downloadHandler parameter in the server.go does not properly sanitize the relative file paths and user inputs, allowing an attacker to write arbitrary files outside the expected directory...

Path Traversal

web-node-server is vulnerable to Path Traversal. The vulnerability is due to to a lack of sanitization of relative file paths in the start function of nodeserver.js which allows an attacker to write arbitrary files outside the expected directory...

PT-2023-19615 · Jenkins · Jenkins Visualexpert Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins visualexpert Plugin versions 1.3 and earlier Description: The issue allows attackers with Item/Configure permission to check for the existence of an attacker-specified file path on the Jenkins controller file system, due to a lack of...

Path Traversal

github.com/whyrusleeping/tar-utils is vulnerable to Path Traversal. The vulnerability exists because the elems parameter in the Sanitize function of extractor.go does not properly sanitize the relative file paths, allowing an attacker to write arbitrary files outside the expected directory...

Remote Code Execution

git is vulnerable to Remote Code Execution RCE. The vulnerability is due to lsfiles in lib.rb not un-escaping file paths when using eval, which allows an attacker to execute remote code...

CVE-2018-25046

A flaw was found in the cloudfoundry/archiver package. In affected versions of this package, archives containing relative file paths can cause files to be written or overwritten outside of the target directory due to improper path sanitization...

GHSA-32QH-8VG6-9G43 Cloud Foundry Archiver vulnerable to path traversal

Due to improper path santization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...

Unzip vulnerable to path traversal

Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...