PT-2024-1420 · Asus · Asus Armoury Crate

Name of the Vulnerable Software and Affected Versions: ASUS Armoury Crate affected versions not specified Description: The issue is related to arbitrary file write and allows remote attackers to access or modify arbitrary files by sending specific HTTP requests without permission. This is due to...

PT-2024-19272 · Unknown · Whoogle Search

Name of the Vulnerable Software and Affected Versions: Whoogle Search versions 0.8.3 and prior Description: Whoogle Search is a self-hosted metasearch engine. The issue allows for a limited file write vulnerability when configuration options are enabled. The config function in app/routes.py does...

GHSA-V3RG-QM46-XRG9 Path traversal in flaskcode

An issue was discovered in the flaskcode package through 0.0.8 for Python. An unauthenticated directory traversal, exploitable with a POST request to a /update-resource-data/ URI from views.py, allows attackers to write to arbitrary files...

CVE-2023-52289

An issue was discovered in the flaskcode package through 0.0.8 for Python. An unauthenticated directory traversal, exploitable with a POST request to a /update-resource-data/ URI from views.py, allows attackers to write to arbitrary files...

Flaskcode Security Vulnerability

Flaskcode is a web-based code editor on the Python Flask framework. A security vulnerability exists in Flaskcode 0.0.8 and earlier versions, which stems from a directory traversal vulnerability that could allow an unauthenticated attacker to write to arbitrary files...

PT-2024-14506 · Flaskcode · Flaskcode

Name of the Vulnerable Software and Affected Versions: flaskcode versions through 0.0.8 Description: An issue was discovered that allows for unauthenticated directory traversal, which can be exploited with a POST request to the "/update-resource-data/" API endpoint. This enables attackers to writ...

PT-2024-2987 · Unknown · Pandora Fms

Name of the Vulnerable Software and Affected Versions: Pandora FMS versions 700 through 776 Description: The issue is related to a Path Traversal vulnerability, which allows an attacker to change directories, create files, and download them outside the allowed directories. This can potentially...

Exploit for Path Traversal in Apktool

MobSF Remote code execution via CVE-2024-21633 I have found...

CVE-2024-20804

Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file...

CVE-2024-20805

Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file...

CVE-2024-20804

Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file...

CVE-2024-20804

Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file...

SAMSUNG mobile devices path traversal vulnerability

SAMSUNG mobile devices are a range of Samsung mobile devices, including cell phones, tablets, and more, from South Korea's Samsung SAMSUNG. A path traversal vulnerability exists in SAMSUNG mobile devices SMR Jan-2024 Release 1 version and earlier versions, which stems from a path traversal...

CVE-2023-50090

Arbitrary File Write vulnerability in the saveReportFile method of ureport2 2.2.9 and before allows attackers to write arbitrary files and run arbitrary commands via crafted POST request...

CVE-2023-50090

Arbitrary File Write vulnerability in the saveReportFile method of ureport2 2.2.9 and before allows attackers to write arbitrary files and run arbitrary commands via crafted POST request...

Design/Logic Flaw

Arbitrary File Write vulnerability in the saveReportFile method of ureport2 2.2.9 and before allows attackers to write arbitrary files and run arbitrary commands via crafted POST request...

DEBIAN-CVE-2024-21633

Apktool is a tool for reverse engineering Android APK files. In versions 2.9.1 and prior, Apktool infers resource files' output path according to their resource names which can be manipulated by attacker to place files at desired location on the system Apktool runs on. Affected environments are...

CVE-2024-21633 Arbitrary file write on Decoding

Apktool is a tool for reverse engineering Android APK files. In versions 2.9.1 and prior, Apktool infers resource files' output path according to their resource names which can be manipulated by attacker to place files at desired location on the system Apktool runs on. Affected environments are...

CVE-2024-21633 Arbitrary file write on Decoding

Apktool is a tool for reverse engineering Android APK files. In versions 2.9.1 and prior, Apktool infers resource files' output path according to their resource names which can be manipulated by attacker to place files at desired location on the system Apktool runs on. Affected environments are...

CVE-2023-50090

Arbitrary File Write vulnerability in the saveReportFile method of ureport2 2.2.9 and before allows attackers to write arbitrary files and run arbitrary commands via crafted POST request...