Lucene search
K

235 matches found

Patchstack
Patchstack
added 2022/09/07 12:0 a.m.25 views

WordPress Frontend File Manager plugin <= 21.2 - Unauthenticated File Renaming vulnerability

Unauthenticated File Renaming vulnerability discovered by Raad Haddad Cloudyrion GmbH in WordPress Frontend File Manager plugin versions = 21.2. Solution Update the WordPress Frontend File Manager plugin to the latest available version at least 21.3...

5.3CVSS1.8AI score0.06199EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2022/05/17 4:43 a.m.6 views

GHSA-M76J-69C2-C3M8 TYPO3 vulnerable to remote authenticated arbitrary code execution

The File Abstraction Layer FAL in TYPO3 6.0.x before 6.0.9 and 6.1.x before 6.1.4 allows remote authenticated editors to execute arbitrary PHP code via unspecified characters in the file extension when renaming a file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4250...

8.7CVSS7.2AI score0.01118EPSS
Exploits0References3
Prion
Prion
added 2022/02/28 9:15 a.m.19 views

Design/Logic Flaw

Users of the LearnPress WordPress plugin before 4.1.5 can upload an image as a profile avatar after the registration. After this process the user crops and saves the image. Then a "POST" request that contains user supplied name of the image is sent to the server for renaming and cropping of the...

3.5CVSS4.6AI score0.03205EPSS
Exploits5References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/28 12:0 a.m.8 views

The vulnerability of the CmActLicense component in the CodeMeter license management application allows a violator to rename any files at will.

The vulnerability of the CmActLicense component in the CodeMeter license management application is related to errors in verifying the cryptographic signature. Exploiting this vulnerability could allow a malicious actor to rename arbitrary files remotely...

7.5CVSS7.2AI score0.00838EPSS
Exploits0References3Affected Software1
wpexploit
wpexploit
added 2022/01/26 12:0 a.m.158 views

LearnPress < 4.1.5 - Arbitrary Image Renaming

Users of the plugin can upload an image as a profile avatar after the registration. After this process the user crops and saves the image. Then a "POST" request that contains user supplied name of the image is sent to the server for renaming and cropping of the image. As a result of this request,...

4.3CVSS4.7AI score0.03205EPSS
Exploits5References2
CNNVD
CNNVD
added 2021/12/31 12:0 a.m.5 views

Mcafee McAfee Application and Change Control 安全漏洞

Mcafee McAfee Application and Change Control MACC is a security threat monitoring system from McAfee, Inc. A security vulnerability exists in McAfee Application and Change Control, which can be exploited by an attacker to run code by renaming a file to exploit a vulnerability in McAfee Applicatio...

7.8CVSS7.5AI score0.00251EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/11/08 5:35 p.m.29 views

CVE-2021-24816 Phoenix Media Rename < 3.4.4 - Author Arbitrary Media File Renaming

The Phoenix Media Rename WordPress plugin before 3.4.4 does not have capability checks in its phoenixmediarename AJAX action, which could allow users with Author roles to rename any uploaded media files, including ones they do not own...

4.9AI score0.00654EPSS
Exploits2References1
CNNVD
CNNVD
added 2021/11/08 12:0 a.m.6 views

WordPress 插件访问控制错误漏洞

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress Plugin is a WordPress open source application plugin. access control error vulnerability in Wordpress...

4.3CVSS5.7AI score0.00654EPSS
Exploits2References2
Patchstack
Patchstack
added 2021/10/06 12:0 a.m.14 views

WordPress Phoenix Media Rename plugin <= 3.4.2 - Arbitrary Media File Renaming vulnerability

Arbitrary Media File Renaming vulnerability discovered by apple502j in WordPress Phoenix Media Rename plugin versions = 3.4.2. Solution Update the WordPress Phoenix Media Rename plugin to the latest available version at least 3.4.4...

4.3CVSS4.1AI score0.00654EPSS
Exploits2References3Affected Software1
WPVulnDB
WPVulnDB
added 2021/10/06 12:0 a.m.17 views

Phoenix Media Rename < 3.4.4 - Author Arbitrary Media File Renaming

The plugin does not have capability checks in its phoenixmediarename AJAX action, which could allow users with Author roles to rename any uploaded media files, including ones they do not own. PoC As an Author, go to the page to edit one of your own Media ie /wp-admin/post.php?post=1993=edit, whic...

4.3CVSS3.1AI score0.00654EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2021/10/06 12:0 a.m.813 views

Phoenix Media Rename < 3.4.4 - Author Arbitrary Media File Renaming

The plugin does not have capability checks in its phoenixmediarename AJAX action, which could allow users with Author roles to rename any uploaded media files, including ones they do not own. As an Author, go to the page to edit one of your own Media ie /wp-admin/post.php?post=1993&action=edit,...

4.3CVSS1.4AI score0.00654EPSS
Exploits2
Huntr
Huntr
added 2021/08/28 10:41 a.m.8 views

Cross-Site Request Forgery (CSRF) in qkqpttgf/onemanager-php

✍️ Description Attacker able to rename any file with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attacks it...

1.6AI score
Exploits0
Huntr
Huntr
added 2021/08/24 2:15 p.m.7 views

Cross-Site Request Forgery (CSRF) in myvesta/vesta

✍️ Description Attacker is able to rename any file on the server if logged in user visits attacker website. 🕵️‍♂️ Proof of Concept Create a test.txt file under /home/user when you logged in open this POC.html in a browser you can check test.txt renames to test.php. //PoC.html history.pushState'',...

1.2AI score
Exploits0References1
Rosalinux
Rosalinux
added 2021/07/02 4:34 p.m.45 views

Advisory ROSA-SA-2021-1809

Software: bolt 0.7 OS: Cobalt 7.9 CVE-ID: CVE-2015-7309 CVE-Crit: HIGH CVE-DESC: The theme editor in Bolt before 2.2.5 does not check the file extension when renaming files, allowing remote authenticated users to execute arbitrary code by renaming a created file and then directly accessing it...

8.8CVSS6.8AI score0.38611EPSS
Exploits12
CNVD
CNVD
added 2021/05/21 12:0 a.m.5 views

FusionPBX Path Traversal Vulnerability (CNVD-2021-36592)

FusionPBX is a scalable, multi-threaded communications platform. The platform can be used as a call center server, fax server, VOIP server, voicemail server, conference server and voice application server. FusionPBX 4.5.7 suffers from a path traversal vulnerability that originates from a maliciou...

6.5CVSS6.8AI score0.0118EPSS
Exploits0References1
OSV
OSV
added 2021/05/20 4:15 p.m.3 views

CVE-2020-21055

A Directory Traversal vulnerability exists in FusionPBX 4.5.7 allows malicoius users to rename any file of the system.via the 1 folder, 2 filename, and 3 newfilename variables in app\edit\filerename.php...

6.5CVSS6.7AI score
Exploits0References2
Cvelist
Cvelist
added 2021/05/20 3:42 p.m.15 views

CVE-2020-21055

A Directory Traversal vulnerability exists in FusionPBX 4.5.7 allows malicoius users to rename any file of the system.via the 1 folder, 2 filename, and 3 newfilename variables in app\edit\filerename.php...

6.4AI score0.0118EPSS
Exploits0References2
CVE
CVE
added 2021/05/20 3:42 p.m.49 views

CVE-2020-21055

CVE-2020-21055 is a path traversal vulnerability affecting FusionPBX 4.5.7. An attacker can rename any file on the system through the parameters (1) folder, (2) filename, and (3) newfilename in app\edit\filerename.php. The entry provides CVSS v3.1 base metrics: 6.5 (Impact: High integrity, Privil...

6.5CVSS6.4AI score0.0118EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 2021/04/19 12:0 a.m.374 views

Trojan.Win32.Agentb.iofv Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d4ac133a9df0c627f899bb6039d04215.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Agentb.iofv Vulnerability: Insecure Permissions Description: Agentb.iofv creates an...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/25 12:0 a.m.382 views

Dolibarr ERP 11.0.4 - File Upload Restrictions Bypass (Authenticated RCE)

Exploit Title: Dolibarr ERP/CRM 11.0.4 - File Upload Restrictions Bypass Authenticated RCE Date: 16/06/2020 Exploit Author: Andrea Gonzalez Vendor Homepage: https://www.dolibarr.org/ Software Link: https://github.com/Dolibarr/dolibarr Version: Prior to 11.0.5 Tested on: Debian 9.12 CVE :...

8.8CVSS7AI score0.27482EPSS
Exploits4
Rows per page
Query Builder