Code Injection

Gitlab is vulnerable to Code Injection. The vulnerability is caused due to lack of validation of file names. An attacker can inject code which can alter the representation of the UI...

HCL Technologies HCL Launch Security Breach

HCL Technologies HCL Launch is a versatile, enterprise-grade continuous delivery automation software from HCL Technologies, Inc. for handling the most complex deployment processes in DevOps. A security vulnerability exists in HCL Launch that stems from improper validation of uploaded files, which...

ForestBlog Arbitrary File Upload Vulnerability

ForestBlog is an application, a personal blog. An arbitrary file upload vulnerability exists in ForestBlog 20220630 and earlier versions, which stems from a lack of valid validation of the uploaded file by the parameter filename in the file /admin/upload/img. An attacker can exploit this...

Path Traversal

mlflow is vulnerable to Path Traversal. The vulnerability is due to improper path validation or sanitization of uploaded files. This issue can be exploited by an attacker to delete arbitrary files on the filesystem, resulting in Denial of Service...

CVE-2023-50265 Bazarr Arbitrary file read in /api/swaggerui/static endpoint

Bazarr manages and downloads subtitles. Prior to 1.3.1, the /api/swaggerui/static endpoint in bazarr/app/ui.py does not validate the user-controlled filename variable and uses it in the sendfile function, which leads to an arbitrary file read on the system. This issue is fixed in version 1.3.1...

CVE-2023-49279

Umbraco is an ASP.NET content management system CMS. Starting in version 7.0.0 and prior to versions 7.15.11, 8.18.9, 10.7.0, 11.5.0, and 12.2.0, a user with access to the backoffice can upload SVG files that include scripts. If the user can trick another user to load the media directly in a...

CVE-2023-49279

CVE-2023-49279 – Umbraco SVG backoffice upload issue : Umbraco CMS (ASP.NET) versions prior to patches allow a backoffice user to upload SVG files containing scripts. If another user loads the media in a browser, scripts can execute. Affected versions: 7.0.0 through just-before patches 7.15.11, 8...

CVE-2023-40460

CVE-2023-40460 affects the ACEManager component of ALEOS 4.16 and earlier . The vulnerability arises because ACEManager does not validate uploaded file names and types, which could allow an authenticated user to execute client-side scripts within ACEManager and alter device functionality until a ...

Sierra Wireless ALEOS Cross-Site Scripting Vulnerability

Sierra Wireless ALEOS AAF is a framework for creating applications in Sierra Wireless AirLink gateways from Sierra Wireless Canada. A security vulnerability exists in Sierra Wireless ALEOS 4.16 and earlier versions that stems from the ACEManager component not validating the name and type of...

Backup Migration < 1.3.7 - Unauthenticated Arbitrary File Download to Sensitive Information Exposure

Description The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to insufficient path and file validation on the BMIBACKUP case of the handledownloading function in all versions up to, and including, 1.3.6. This makes it possible for unauthenticated attackers...

CVE-2023-6219 BookingPress <= 1.0.76 - Authenticated (Administrator+) Arbitrary File Upload

The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'bookingpressprocessupload' function in versions up to, and including, 1.0.76. This makes it possible for authenticated attackers with administrator-level capabilities or above...

WordPress Plugin JBookingPress Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin JBookingPress 1.0....

PT-2023-32568 · WordPress · Bookingpress

Name of the Vulnerable Software and Affected Versions: BookingPress plugin for WordPress versions up to, and including, 1.0.76 Description: The issue is related to insufficient file validation on the bookingpress process upload function, allowing authenticated attackers with administrator-level...

CVE-2023-5822

The Drag and Drop Multiple File Upload - Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'dnduploadcf7upload' function in versions up to, and including, 1.3.7.3. This makes it possible for unauthenticated attackers to...

TorchServe ZipSlip

Impact Using the model/workflow management API, there is a chance of uploading potentially harmful archives that contain files that are extracted to any location on the filesystem that is within the process permissions. Leveraging this issue could aid third-party actors in hiding harmful code in...

DevBlog 跨站脚本漏洞

DevBlog is a blogging project developed using Node.js Express and MongoDB by Arman Idrisi, an individual developer. A cross-site scripting vulnerability exists in DevBlog v1.0, which stems from the application's lack of valid validation of uploaded files and can be exploited by an attacker to...

Insecure Direct Object Reference (IDOR)

ibexa/core is vulnerable to Insecure Direct Object Reference IDOR. The vulnerability is present because the DownloadController.php does not adequately validate the filenames in download URLs, allowing an attacker to craft malicious download URLs with filenames that bear no relation to the actual...

CVE-2023-20195

Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. These vulnerabilities are due to improper validation of...

PT-2023-11848 · WordPress · Simple:Press

Name of the Vulnerable Software and Affected Versions: The Simple:Press – WordPress Forum Plugin for WordPress versions up to, and including, 6.6.0 Description: The issue is related to arbitrary file uploads due to missing file type validation in the...

CVE-2023-35018

IBM Security Verify Governance 10.0 could allow a privileged use to upload arbitrary files due to improper file validation. IBM X-Force ID: 259382...