
7257 matches found

NVD
added 2020/04/08 8:15 p.m. | 20 views

CVE-2020-1885

Writing to an unprivileged file from a privileged OVRRedir.exe process in Oculus Desktop before 1.44.0.32849 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file...

CVSS 7.8 | AI score 7.5 | EPSS 0.00398
Exploits 0 | References 1

CVE
added 2020/04/08 7:55 p.m. | 39 views

CVE-2020-1885

CVE-2020-1885 affects Oculus Desktop on Windows prior to 1.44.0.32849. A privileged OVRRedir.exe process can write to an unprivileged destination via a hard link to a log file, enabling local privilege escalation to arbitrary files. The issue is described as local privilege elevation stemming fro...

CVSS 7.8 | AI score 7.3 | EPSS 0.00398
Exploits 0 | References 1 | Affected Software 1

CNVD
added 2020/04/07 12:00 a.m. | 1 views

Arbitrary File Write Vulnerability in LJCMS of Beijing Liangjing Zhicheng Technology Co.

LJCMS is a PHP+MySQL based enterprise website system. An arbitrary file write vulnerability exists in LJCMS from Beijing LiangJingZhiCheng Technology Co., Ltd; attackers can construct the CMS update address to write malicious files to the target and obtain server privileges...

AI score 7.1
Exploits 0

CNVD
added 2020/04/03 12:00 a.m. | 1 views

Arbitrary File Write Vulnerability in Gila CMS

Gila CMS is an open source content management system. Gila CMS suffers from an arbitrary file write vulnerability that can be exploited by an attacker to write malicious code to the server and gain administrative privileges on the server...

AI score 7.5
Exploits 0

NVD
added 2020/03/31 10:15 p.m. | 19 views

CVE-2020-10696

A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTPs server and then write files to the user's system anywhere that the user has permissions...

CVSS 9.3 | AI score 8.4 | EPSS 0.02582
Exploits 1 | References 3

UbuntuCve
added 2020/03/31 10:15 p.m. | 25 views

CVE-2020-10696

A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTPs server and then write files to the user's system anywhere that the user has permissions...

CVSS 9.3 | AI score 6.7 | EPSS 0.02582
Exploits 1 | References 2

NVD
added 2020/03/31 3:15 p.m. | 14 views

CVE-2020-6008

LifterLMS WordPress plugin version below 3.37.15 is vulnerable to arbitrary file write leading to remote code execution...

CVSS 9.8 | AI score 9.9 | EPSS 0.03776
Exploits 0 | References 1

OSV
added 2020/03/31 3:15 p.m. | 14 views

CVE-2020-6008

LifterLMS WordPress plugin version below 3.37.15 is vulnerable to arbitrary file write leading to remote code execution...

CVSS 9.8 | AI score 7.8
Exploits 0 | References 1

Prion
added 2020/03/31 3:15 p.m. | 22 views

Remote code execution

LifterLMS WordPress plugin version below 3.37.15 is vulnerable to arbitrary file write leading to remote code execution...

CVSS 7.5 | AI score 9.7 | EPSS 0.03776
Exploits 0 | References 1 | Affected Software 1

CVE
added 2020/03/31 2:10 p.m. | 105 views

CVE-2020-6008

CVE-2020-6008 affects the WordPress LifterLMS plugin prior to 3.37.15. The vulnerability is an arbitrary file write that can lead to remote code execution; attackers could write and execute PHP code by manipulating a user’s first name. Public sources (NVD/Nessus-based findings) describe the affec...

CVSS 9.8 | AI score 9.8 | EPSS 0.03776
Exploits 0 | References 1 | Affected Software 1

RedhatCVE
added 2020/03/31 7:01 a.m. | 24 views

CVE-2020-2139

An arbitrary file write vulnerability in Jenkins Cobertura Plugin 1.15 and earlier allows attackers able to control the coverage report file contents to overwrite any file on the Jenkins master file system...

CVSS 8.5 | AI score 4.6 | EPSS 0.01593
Exploits 0 | References 4

Snyk
added 2020/03/24 1:03 p.m. | 3 views

Directory Traversal

Overview: sapper is a framework for building high-performance universal web apps. Affected versions of this package are vulnerable to Directory Traversal when serving /client/... files. PoC by Daniel Thompson: curl...

CVSS 8.6 | AI score 7.5
Exploits 0 | References 3

Japan Vulnerability Notes
added 2020/03/24 8:53 a.m. | 2 views

Multiple vulnerabilities in Shihonkanri Plus GOOUT

Overview: Shihonkanri Plus GOOUT, provided by EKAKIN, is a CGI that enables viewing data stored in Shihonkanri Plus from outside. Shihonkanri Plus GOOUT contains the multiple vulnerabilities listed below, which allow reading/writing an arbitrary file because of the improper validation of input parameter...

CVSS 9.1 | AI score 6.7 | EPSS 0.01935
Exploits 0 | References 7

RedhatCVE
added 2020/03/23 5:01 p.m. | 38 views

CVE-2020-8131

An arbitrary file write flaw was found in Yarn. This flaw allows an attacker to write files to a user’s system in unexpected places, potentially leading to remote code execution. The attacker would need to first trick a developer into installing a malicious package...

CVSS 7.5 | AI score 8 | EPSS 0.05033
Exploits 1 | References 3

CNVD
added 2020/03/18 12:00 a.m. | 2 views

Paessler PRTG Network Monitor Access Control Error Vulnerability

Paessler PRTG Network Monitor is a full-featured network monitoring and management software from the German company Paessler. A security vulnerability exists in PRTG Network Monitor version 19.1.49 and prior versions, which stems from the program failing to perform sufficient cleanup operations...

CVSS 9 | AI score 6.8 | EPSS 0.04544
Exploits 1 | References 1

OSV
added 2020/03/17 3:15 p.m. | 3 views

CVE-2019-11074

A Write to Arbitrary Location in Disk vulnerability exists in PRTG Network Monitor 19.1.49 and below that allows attackers to place files in arbitrary locations with SYSTEM privileges although not controlling the contents of such files due to insufficient sanitisation when passing arguments to th...

CVSS 7.2 | AI score 7.3 | EPSS 0.0464
Exploits 1 | References 3

Positive Technologies
added 2020/03/15 12:00 a.m. | 6 views

PT-2024-5186

Name of the Vulnerable Software and Affected Versions: Cacti versions prior to 1.2.27. Description: Cacti provides an operational monitoring and fault management framework. An arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having th...

CVSS 9.1 | AI score 8.3 | EPSS 0.86303
Exploits 26 | References 76

CNVD
added 2020/03/12 12:00 a.m. | 2 views

WAGO e!COCKPIT File Path Input Validation Error Vulnerability

WAGO e!COCKPIT is a set of integrated development environment software from the German company WAGO. The software is mainly used for hardware configuration, programming and simulation. A security vulnerability exists in the firmware update function of WAGO e!COCKPIT v1.6.0.7, which is caused by...

CVSS 7.8 | AI score 7 | EPSS 0.01817
Exploits 1 | References 1

CNVD
added 2020/03/12 12:00 a.m. | 2 views

Command Execution Vulnerability in CICMS in***.php File

CICMS is developed in PHP+MySQL on the CodeIgniter framework; its source code is fully open, and it is mainly used for building enterprise sites. The CICMS in***.php file has a command execution vulnerability. An attacker can exploit the vulnerability to write any php file and obtain the administrative privileges of...

AI score 7.5
Exploits 0

NVD
added 2020/03/11 10:27 p.m. | 16 views

CVE-2019-5159

An exploitable improper input validation vulnerability exists in the firmware update functionality of WAGO e!COCKPIT automation software v1.6.0.7. A specially crafted firmware update file can allow an attacker to write arbitrary files to arbitrary locations on WAGO controllers as a part of...

CVSS 7.8 | AI score 7.8 | EPSS 0.01817
Exploits 1 | References 1