724 matches found
Pyradm - Python Remote Administration Tool Via Telegram
Cross-platform remote administration tool via Telegram. Coded with ❤️ python3 + aiogram3. https://t.me/ptsoft v0.3. Features: screenshot from target; cross-platform; upload/download; fully compatible shell; process list; webcam video record or screenshot; geolocation; file manager; microphone...
Rich Filemanager Detection (HTTP)
HTTP based detection of Rich Filemanager. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description) { script_oid("1.3.6.1.4.1.25623.1.0.151895...
BIT-LIMESURVEY-2020-11455
LimeSurvey before 4.1.12+200324 contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php...
CVE-2024-2055
The "Rich Filemanager" feature of Artica Proxy provides a web-based interface for file management capabilities. When the feature is enabled, it does not require authentication by default, and runs as the root user...
Design/Logic Flaw
The "Rich Filemanager" feature of Artica Proxy provides a web-based interface for file management capabilities. When the feature is enabled, it does not require authentication by default, and runs as the root user...
CVE-2024-2055
The Artica Proxy vulnerability CVE-2024-2055 involves the Rich Filemanager feature. When enabled, it does not require authentication and runs as root, exposing an unauthenticated web interface on port 5000/tcp. An attacker can gain complete filesystem access and could modify critical files (e.g.,...
Artica Proxy Unauthenticated File Manager Vulnerability
Vulnerability Details Affected Vendor: Artica Affected Product: Artica Proxy Affected Version: 4.40 and 4.50 Platform: Debian 10 LTS CWE Classification: CWE-288: Authentication Bypass Using an Alternate Path or Channel, CWE-552: Files or Directories Accessible to External Parties CVE ID:...
PT-2024-18680 · Unknown · Artica Proxy
Name of the Vulnerable Software and Affected Versions: Artica Proxy affected versions not specified Description: The "Rich Filemanager" feature of Artica Proxy provides a web-based interface for file management capabilities. When the feature is enabled, it does not require authentication by...
Artica Proxy Security Vulnerability
Artica Proxy is an open source Artica proxy solution from the Spanish company Artica. A security vulnerability exists in Artica Proxy that stems from the Rich Filemanager feature being enabled to run as root user without authentication by default...
CVE-2018-25094
CVE-2018-25094 affects the Online Accounting System (versions up to 1.4.0). The vulnerability lies in ckeditor/filemanager/browser/default/image.php where manipulating the fid argument (input like ../../../etc/passwd) yields a path traversal (../filedir). The exploit has been disclosed publicly. ...
Online Accounting System Security Vulnerability
Online Accounting System is an online accounting system by 59160781 Individual Developer. A security vulnerability exists in Online Accounting System version 1.4.0 and earlier, which stems from a path traversal caused by the parameter fid in the file ckeditor/filemanager/browser/default/image.php...
OroPlatform vulnerable to path traversal during temporary file manipulations
Impact Path Traversal is possible in Oro\Bundle\GaufretteBundle\FileManager::getTemporaryFileName. With this method, an attacker can pass the path to a non-existent file, which will allow writing the content to a new file that will be available during script execution. The file will be deleted...
Path traversal
OroPlatform is a PHP Business Application Platform (BAP) designed to make development of custom business applications easier and faster. Path Traversal is possible in Oro\Bundle\GaufretteBundle\FileManager::getTemporaryFileName. With this method, an attacker can pass the path to a non-existent file...
CVE-2022-41951
CVE-2022-41951 – Path traversal in OroPlatform is caused by a vulnerability in the file manager routine getTemporaryFileName in Oro\Bundle\GaufretteBundle\FileManager, which could allow an attacker to write to a new file by supplying a path to a non-existent file. The root cause involves unsafe h...
CVE-2023-40166
Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in FileManager::detectLanguageFromTextBegining. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. ...
Heap overflow
Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in FileManager::detectLanguageFromTextBegining. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. ...
CVE-2023-40166 Notepad++ heap buffer read overflow in FileManager::detectLanguageFromTextBegining
Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in FileManager::detectLanguageFromTextBegining. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. ...
CVE-2023-40166
CVE-2023-40166 affects Notepad++ versions prior to 8.5.7. The issue is a heap buffer read overflow in FileManager::detectLanguageFromTextBegining, which can leak internal memory information and, per related advisories, may enable arbitrary code execution under some conditions. Public exploits exi...