The vulnerability of the CODESYS Runtime Toolkit execution environment allows a perpetrator to execute arbitrary commands and load arbitrary files.

The vulnerability of the CODESYS Runtime Toolkit lies in the absence of requirements for authentication procedures in the default configuration. Exploiting this vulnerability allows a malicious actor to execute commands through the command line interface and upload arbitrary files...

CVE-2016-6642

Cross-site request forgery CSRF vulnerability in EMC ViPR SRM before 3.7.2 allows remote attackers to hijack the authentication of administrators for requests that upload files...

Nextcloud: Android - Possible to intercept broadcasts about uploaded files

Hi. There are the moments of sending unprotected broadcasts https://github.com/nextcloud/android/blob/master/src/com/owncloud/android/files/services/FileUploader.javaL1170 https://github.com/nextcloud/android/blob/master/src/com/owncloud/android/files/services/FileUploader.javaL1116...

CVE-2015-5719

CVE-2015-5719 affects Malware Information Sharing Platform (MISP) before 2.3.92. The issue is in app/Controller/TemplatesController.php where filenames under tmp/files/ are not properly restricted. CNVD-2016-07269 notes this allows a local attacker to perform a symbolic link attack to overwrite a...

Design/Logic Flaw

The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AFM an...

CVE-2015-8022

CVE-2015-8022 affects multiple F5 BIG-IP products (LTM, Analytics, APM, ASM, GTM, Link Controller; AAM, AFM, PEM; Edge Gateway, WebAccelerator, WOM, PSM) across 11.x releases. The root cause is in the Configuration utility: an Access Policy Manager customization configuration section that allows ...

F5 Networks BIG-IP : BIG-IP file validation vulnerability (K12401251)

The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AFM an...

CVE-2016-5661

Accela Civic Platform Citizen Access portal is affected by CVE-2016-5661: Arbitrary file upload vulnerability where the portal relies on client-side file-type checks and an attacker can bypass these restrictions by manipulating the _EventArgument and filename parameters to upload arbitrary files....

Untangle NG Firewall Captive Portal RCE

The Untangle NG Firewall server running on the remote host is affected by a remote code execution vulnerability in the Captive Portal module, specifically within the /capture/handler.py script, due to a failure to verify that a user is authenticated before processing file uploads. An...

Eclipse Jetty Protected Resource Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Eclipse Jetty. Authentication is not required to exploit this vulnerability. The specific flaw exists within the way the ContextHandler class restricts access to protected resources. By issuing a...

VulnCheck KEV: CVE-2016-15043

The WP Mobile Detector plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in resize.php file in versions up to, and including, 3.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may...

PHPYun /uploads/member/ajax.class.php SQL注入漏洞

No description provided by source...

Ipswitch MOVEit File Transfer Cross-Site Scripting Vulnerability

Ipswitch MOVEit File Transfer formerly known as DMZ an automated file transfer system from the US company Ipswitch. A cross-site scripting vulnerability exists in Ipswitch MOVEit File Transfer 8.1 and earlier versions, which can be exploited by remote attackers to conduct cross-site scripting...

WordPress WP User Frontend Plugin Unlimited File Upload Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. Unlimited file upload vulnerability exists in WordPress WP User Frontend plugin versions prior to 2.3.11. Allows an attacker ...

Oracle Application Testing Suite ReportImage tempfilename Directory Traversal (CVE-2016-0489)

A directory traversal vulnerability exists in Oracle's Application Testing Suite. The vulnerability is due to insufficient input validation in the Oracle Test Manager component while processing the HTTP request parameter tempfilename. A remote, authenticated attacker could exploit this...

InstantCoder v1.0 iOS - Multiple Web Vulnerabilities

Document Title: =============== InstantCoder v1.0 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1738 Release Date: ============= 2016-02-22 Vulnerability Laboratory ID VL-ID: ==================================== 1738...

we7cms file upload vulnerability

we7cms is a content management system based on asp.net development. we7cms V3.0 system file upload vulnerability, the vulnerability is mainly caused by information leakage of the background upload service exposure, the uploaded service failed to get the identity verification, and the file format...

mediawiki -- multiple vulnerabilities

MediaWiki reports: T117899 SECURITY: $wgArticlePath can no longer be set to relative paths that do not begin with a slash. This enabled trivial XSS attacks. Configuration values such as "http://my.wiki.com/wiki/$1" are fine, as are "/wiki/$1". A value such as "$1" or "wiki/$1" is not and will now...

redaxscript 2.5.0 Code Execution

Security Advisory - Curesec Research Team 1. Introduction Affected Product: redaxscript 2.5.0 Fixed in: module has been removed in version 2.6.0 Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: Code Execution Remote Exploitable: Yes Reported to vendor: 10/02/2015...

CVE-2015-8003

MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not throttle file uploads, which allows remote authenticated users to have unspecified impact via multiple file uploads...