CVE-2022-47769

An arbitrary file write vulnerability in Serenissima Informatica Fast Checkin v1.0 allows unauthenticated attackers to upload malicious files in the web root of the application to gain access to the server via the web shell...

CVE-2022-47769

An arbitrary file write vulnerability in Serenissima Informatica Fast Checkin v1.0 allows unauthenticated attackers to upload malicious files in the web root of the application to gain access to the server via the web shell...

CVE-2022-47769

CVE-2022-47769 involves Serenissima Informatica Fast Checkin v1.0 and is an arbitrary file write vulnerability. An unauthenticated attacker can upload malicious files to the web root, which can lead to full server access via a web shell. The underlying issue is improper handling of file uploads a...

io_uring Same Type Object Reuse Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'iouring Same Type Object Reuse Priv Esc', 'Description' = %q This module exploits a bug in iouring leading to an additional putcred that can be...

yaffshiv 路径遍历漏洞

yaffshiv is a simple YAFFS filesystem parser and extractor from the devttys0 personal developer. A security vulnerability exists in yaffshiv. An attacker can exploit this vulnerability to write arbitrary files outside of the extraction directory by crafting a malicious YAFFS file...

VulnCheck KEV: CVE-2020-6008

LifterLMS Wordpress plugin version below 3.37.15 is vulnerable to arbitrary file write leading to remote code execution...

CentOS: Security Advisory for sudo (CESA-2023:0291)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

sudo security update

CentOS Errata and Security Advisory CESA-2023:0291 An update for sudo is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

EulerOS Virtualization 3.0.2.2 : gzip (EulerOS-SA-2023-1258)

According to the versions of the gzip package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file nam...

CVE-2022-39045

A file write vulnerability exists in the httpd upload.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability...

Design/Logic Flaw

A file write vulnerability exists in the httpd upload.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability...

GHSA-65V6-3C9M-HMRP Arbitrary file write in net.mingsoft:ms-mcms

MCMS v5.2.10 and below was discovered to contain an arbitrary file write vulnerability via the component ms/template/writeFileContent.do...

Arbitrary file write in net.mingsoft:ms-mcms

MCMS v5.2.10 and below was discovered to contain an arbitrary file write vulnerability via the component ms/template/writeFileContent.do...

CVE-2022-39045

A file write vulnerability exists in the httpd upload.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability...

CVE-2022-39045

A file write vulnerability exists in the httpd upload.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability...

CVE-2022-39045

Mode C: Siretta QUARTZ-GOLD G5.0.1.5-210720-141020 is affected by TALOS-2022-1611/CVE-2022-39045. A file-write vulnerability exists in the httpd upload.cgi functionality that, due to lack of filename sanitization, allows path traversal to overwrite arbitrary files. An uploaded file can be written...

CVE-2022-47042

MCMS v5.2.10 and below was discovered to contain an arbitrary file write vulnerability via the component ms/template/writeFileContent.do...

CVE-2022-47042

MCMS v5.2.10 and below was discovered to contain an arbitrary file write vulnerability via the component ms/template/writeFileContent.do...

PT-2023-13677 · Siretta · Siretta Quartz-Gold

Name of the Vulnerable Software and Affected Versions: Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020 Description: A file write issue exists in the httpd upload.cgi functionality. This can be triggered by a specially-crafted HTTP request, leading to arbitrary file upload. An attacker can...

Siretta QUARTZ-GOLD httpd upload.cgi file write vulnerability

Talos Vulnerability Report TALOS-2022-1611 Siretta QUARTZ-GOLD httpd upload.cgi file write vulnerability January 26, 2023 CVE Number CVE-2022-39045 SUMMARY A file write vulnerability exists in the httpd upload.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HT...