SUSE CVE
added 2023/02/15 5:23 a.m. · 2 views

SUSE CVE-2015-0301

Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 do n...

CVSS 10 · AI score 7 · EPSS 0.05166
Exploits 0 · References 8
NVD
added 2023/02/03 8:15 p.m. · 59 views

CVE-2023-23937

Pimcore is an Open Source Data & Experience Management Platform: PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce. The upload functionality for updating user profile does not properly validate the file content-type, allowing any authenticated user to bypass this security check by adding a valid...

CVSS 8.2 · AI score 8.1 · EPSS 0.00476
Exploits 0 · References 2
Prion
added 2023/02/03 8:15 p.m. · 14 views

Design/Logic Flaw

Pimcore is an Open Source Data & Experience Management Platform: PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce. The upload functionality for updating user profile does not properly validate the file content-type, allowing any authenticated user to bypass this security check by adding a valid...

CVSS 5.5 · AI score 5.3 · EPSS 0.00476
Exploits 0 · References 2 · Affected Software 1
CVE
added 2023/01/30 8:31 p.m. · 114 views

CVE-2022-4395

The CVE-2022-4395 entry describes a vulnerability in the WordPress plugin “Membership For WooCommerce” prior to version 2.1.7 where uploaded files are not validated, allowing unauthenticated users to upload arbitrary files (e.g., PHP), enabling remote code execution. Affected software: Membership...

CVSS 9.8 · AI score 9.6 · EPSS 0.17569
Exploits 2 · References 3 · Affected Software 1
Cvelist
added 2023/01/30 8:31 p.m. · 26 views

CVE-2022-4395 Membership For WooCommerce < 2.1.7 - Unauthenticated Arbitrary File Upload

The Membership For WooCommerce WordPress plugin before 2.1.7 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as malicious PHP code, and achieve RCE...

AI score 9.9 · EPSS 0.17569
Exploits 2 · References 1
OSV
added 2023/01/26 9:18 p.m. · 23 views

CVE-2023-24449

Jenkins PWauth Security Realm Plugin 0.4 and earlier does not restrict the names of files in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...

CVSS 4.3 · AI score 4.5
Exploits 0 · References 1
Github Security Blog
added 2023/01/23 10:05 p.m. · 54 views

MITM based Zip Slip in `ca.uhn.hapi.fhir:org.hl7.fhir.core`

Impact MITM can enable Zip-Slip. Vulnerability Vulnerability 1: Scanner.java There is no validation that the zip file being unpacked has entries that are not maliciously writing outside of the intended destination directory...

CVSS 8.1 · AI score 7.9 · EPSS 0.01166
Exploits 1 · References 5 · Affected Software 6
Prion
added 2023/01/17 5:15 p.m. · 11 views

Design/Logic Flaw

RONDS EPM version 1.19.5 does not properly validate the filename parameter, which could allow an unauthorized user to specify file paths and download files...

CVSS 4 · AI score 6.6 · EPSS 0.00701
Exploits 0 · References 1 · Affected Software 1
Cvelist
added 2023/01/17 4:19 p.m. · 20 views

CVE-2022-2893

RONDS EPM version 1.19.5 does not properly validate the filename parameter, which could allow an unauthorized user to specify file paths and download files...

CVSS 8.2 · AI score 8.3 · EPSS 0.00701
Exploits 0 · References 1
CVE
added 2023/01/17 4:19 p.m. · 45 views

CVE-2022-2893

RONDS EPM v1.19.5 contains a path traversal vulnerability where the filename parameter is not properly validated, allowing an unauthorized user to specify file paths and download files. The issue is explicitly CVE-2022-2893; CISA ICS advisories also describe an adjacent exposure vulnerability (CV...

CVSS 8.2 · AI score 6.4 · EPSS 0.00701
Exploits 0 · References 1 · Affected Software 1
NVD
added 2023/01/11 3:15 p.m. · 20 views

CVE-2018-25074

A vulnerability was found in Prestaul skeemas and classified as problematic. This issue affects some unknown processing of the file validators/base.js. The manipulation of the argument uri leads to inefficient regular expression complexity. The patch is named...

CVSS 7.5 · AI score 5.1 · EPSS 0.0091
Exploits 0 · References 3
Vulnrichment
added 2023/01/09 10:13 p.m. · 6 views

CVE-2022-3416 WPtouch < 4.3.45 - Admin+ Arbitrary File Upload

The WPtouch WordPress plugin before 4.3.45 does not properly validate images to be uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to for example in multisite setup...

AI score 6.9 · EPSS 0.17285
Exploits 1 · References 1
CVE
added 2023/01/02 9:49 p.m. · 51 views

CVE-2022-4236

Vulnerability summary (CVE-2022-4236): Welcart e-Commerce WordPress plugin versions before 2.8.5 fail to validate input used to output file content via an AJAX action accessible to authenticated users, enabling at least subscriber-level users to read arbitrary server files. Root cause: unvalidate...

CVSS 6.5 · AI score 6.3 · EPSS 0.00795
Exploits 2 · References 1 · Affected Software 1
Positive Technologies
added 2023/01/02 12:00 a.m. · 4 views

PT-2023-14111 · WordPress · Welcart E-Commerce

Name of the Vulnerable Software and Affected Versions: Welcart e-Commerce WordPress plugin versions prior to 2.8.6 Description: The issue arises from the lack of validation of user input before using it in file exist functions via various AJAX actions available to any authenticated users. This...

CVSS 8.8 · AI score 6.9 · EPSS 0.01073
Exploits 2 · References 6
Github Security Blog
added 2022/12/30 6:03 p.m. · 43 views

Path Traversal In MeterSpere leads to upload file to any path

Summary MeterSphere allow users to upload file, but not check the file name, may lead to upload file to any path if the file name in upload request is falsified. Details Metersphere's FileUtils.java didn't check the filePath. java public static void createFileString filePath, byte fileBytes File...

CVSS 8.8 · AI score 8.5 · EPSS 0.00717
Exploits 1 · References 5 · Affected Software 1
OSV
added 2022/12/30 6:03 p.m. · 33 views

GHSA-9P62-X3C5-HR5P Path Traversal In MeterSpere leads to upload file to any path

Summary MeterSphere allow users to upload file, but not check the file name, may lead to upload file to any path if the file name in upload request is falsified. Details Metersphere's FileUtils.java didn't check the filePath. java public static void createFileString filePath, byte fileBytes File...

CVSS 7.4 · AI score 8.1 · EPSS 0.00717
Exploits 1 · References 5
OSV
added 2022/12/19 2:15 p.m. · 4 views

CVE-2022-4061

The JobBoardWP WordPress plugin before 1.2.2 does not properly validate file names and types in its file upload functionalities, allowing unauthenticated users to upload arbitrary files such as PHP...

CVSS 7.5 · AI score 5.9
Exploits 0 · References 1
OSV
added 2022/12/19 2:15 p.m. · 2 views

CVE-2022-4107

The SMSA Shipping for WooCommerce WordPress plugin before 1.0.5 does not have authorisation and proper CSRF checks, as well as does not validate the file to be downloaded, allowing any authenticated users, such as subscriber to download arbitrary file from the server...

CVSS 6.5 · AI score 5.8 · EPSS 0.00382
Exploits 2 · References 1
NVD
added 2022/12/19 2:15 p.m. · 16 views

CVE-2022-4061

The JobBoardWP WordPress plugin before 1.2.2 does not properly validate file names and types in its file upload functionalities, allowing unauthenticated users to upload arbitrary files such as PHP...

CVSS 7.5 · EPSS 0.01354
Exploits 2 · References 1
NVD
added 2022/12/15 7:15 a.m. · 24 views

CVE-2022-46768

Arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on the port 10053. The service does not have proper validation for URL parameters before reading the files...

CVSS 5.9 · EPSS 0.47772
Exploits 0 · References 1