7263 matches found
Zoho ManageEngine ADAudit Plus Arbitrary File Write Vulnerability
Zoho ManageEngine ADAudit Plus is a web-based Active Directory change auditing and reporting solution. An arbitrary file write vulnerability exists in Zoho ManageEngine ADAudit Plus versions prior to 7006, which can be exploited by an attacker to write and execute arbitrary files on the system...
CVE-2021-42847
Zoho ManageEngine ADAudit Plus before 7006 allows attackers to write to, and execute, arbitrary files...
CVE-2021-42847
Zoho ManageEngine ADAudit Plus before 7006 allows attackers to write to, and execute, arbitrary files...
CVE-2021-42847
Zoho ManageEngine ADAudit Plus before 7006 allows attackers to write to, and execute, arbitrary files...
CVE-2021-42847
Product affected: ManageEngine ADAudit Plus, versions before 7006. Vulnerability: Arbitrary file write that enables authenticated users to write and execute files via the alert_script mechanism, enabling remote code execution (RCE) under the account running ADAudit Plus. Root cause / vector: Expl...
ZOHO ManageEngine ADAudit Plus 安全漏洞
Zoho ManageEngine ADAudit Plus is a web-based Active Directory change auditing and reporting solution. An arbitrary file write vulnerability exists in Zoho ManageEngine ADAudit Plus versions prior to 7006, which can be exploited by an attacker to write and execute arbitrary files on the system...
PT-2021-23695 · Zoho · Zoho Manageengine Adaudit Plus
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ADAudit Plus versions prior to 7006 Description: The issue allows attackers to write to and execute arbitrary files, potentially leading to unauthorized access and malicious activities. Recommendations: For versions prior to...
Jenkins 安全漏洞
Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. Jenkins has a security vulnerability that stems from multiple vulnerabilities in the file path filtering implementation o...
phpok Arbitrary File Write Vulnerability
phpok is a set of enterprise website system developed by Shenzhen锟絪 technology limited company using PHP+MYSQL language. An arbitrary file write vulnerability exists in the editsavef function in framework/admin/tplcontrol.php in phpok version 5.1. An attacker can exploit this vulnerability to wri...
Cisco Firepower Threat Defense Software CLI Arbitrary File Write (cisco-sa-ftd-file-write-SHVcmQVc)
According to its self-reported version, Cisco FTD Software is affected by a vulnerability due to incomplete validation of user input for a specific CLI command. An authenticated, local attacker can exploit this, by authenticating to the device with administrative privileges, in order to overwrite...
Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability
Ivanti Pulse Connect Secure contains an unrestricted file upload vulnerability that allows an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface...
CVE-2020-18439
An issue was discoverered in in function editsavef in framework/admin/tplcontrol.php in qinggan phpok 5.1, allows attackers to write arbitrary files or get a shell...
CVE-2020-18439
An issue was discoverered in in function editsavef in framework/admin/tplcontrol.php in qinggan phpok 5.1, allows attackers to write arbitrary files or get a shell...
qinggan phpok 代码问题漏洞
phpok is a set of enterprise website system developed by Shenzhen锟絪 technology limited company using PHP+MYSQL language. An arbitrary file write vulnerability exists in the editsavef function in framework/admin/tplcontrol.php in phpok version 5.1. An attacker can exploit this vulnerability to wri...
CVE-2021-25877
AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write. An administrator privileged user is able to write files on filesystem using flag and code variables in file save.php...
CVE-2021-25877
AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write. An administrator privileged user is able to write files on filesystem using flag and code variables in file save.php...
Code injection
AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write. An administrator privileged user is able to write files on filesystem using flag and code variables in file save.php...
CVE-2021-25877
AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write. An administrator privileged user is able to write files on filesystem using flag and code variables in file save.php...
CVE-2021-25877
AVideo/YouPHPTube 10.0 and earlier is affected by an insecure file write vulnerability. An administrator-privileged user can write arbitrary files on the filesystem via the save.php file using lag and code variables. Documented impact is ability to write files on the server filesystem, enabli...
PT-2021-16825 · Unknown · Avideo/Youphptube
Name of the Vulnerable Software and Affected Versions: AVideo/YouPHPTube versions 10.0 and prior Description: The issue allows an administrator-privileged user to write files on the filesystem using flag and code variables in the file save.php. This is due to insecure file write. Recommendations:...