Design/Logic Flaw

Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50 option...

Mageia: Security Advisory (MGASA-2020-0453)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Multiple vulnerabilities through filename manipulation in Archive_Tar

ArchiveTar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack such as file:// to overwrite files can still succeed. See: https://github.com/pear/ArchiveTar/issues/33...

GHSA-75C5-F4GW-38R9 Multiple vulnerabilities through filename manipulation in Archive_Tar

ArchiveTar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack such as file:// to overwrite files can still succeed. See: https://github.com/pear/ArchiveTar/issues/33...

CVE-2020-35136

Dolibarr 12.0.3 is vulnerable to authenticated Remote Code Execution. An attacker who has the access the admin dashboard can manipulate the backup function by inserting a payload into the filename for the zipfilenametemplate parameter to admin/tools/dolibarrexport.php...

Updated php-pear packages fix security vulnerabilities

Filename manipulation vulnerabilities CVE-2020-28948 / CVE-2020-28949 Updated also ArchiveTar to 1.4.11...

MGASA-2020-0453 Updated php-pear packages fix security vulnerabilities

Filename manipulation vulnerabilities CVE-2020-28948 / CVE-2020-28949 Updated also ArchiveTar to 1.4.11...

CVE-2020-12251

An issue was discovered in Gigamon GigaVUE 5.5.01.11. The upload functionality allows an authenticated user to change the filename value in the POST method from the original filename to achieve directory traversal via a ../ sequence and, for example, obtain a complete directory listing of the...

CVE-2020-10964

Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename...

CVE-2018-20250

In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format in UNACEV2.dll. When the filename field is manipulated with specific patterns, the destination extraction folder is ignored, thus treating the filename as an...

PT-2019-1440

Name of the Vulnerable Software and Affected Versions OpenSSH versions 7.9 Description The issue is related to the scp client in OpenSSH, which allows a malicious server to bypass intended access restrictions. This can be achieved by manipulating the filename, such as using . or an empty filename...

PT-2019-1442 · Openssh +6 · Openssh +6

Name of the Vulnerable Software and Affected Versions: OpenSSH version 7.9 Description: The issue is related to insufficient access control in the OpenSSH utility, specifically in the refresh progress meter function. This can allow a remote attacker to disclose protected information or execute...

CVE-2018-8909

The Wire application before 2018-03-07 for Android allows attackers to write to pathnames outside of the downloads directory via a ../ in a filename of a received file, related to AssetService.scala...

Tilde CMS Arbitrary File Upload Vulnerability

Tilde CMS is a web content management system CMS. A security vulnerability exists in Tilde CMS version 1.0.1. The vulnerability can be exploited to bypass arbitrary file upload restrictions by manipulating the filename.+php file...

CVE-2017-11326

An issue was discovered in Tilde CMS 1.0.1. It is possible to bypass the implemented restrictions on arbitrary file upload via a filename.+php manipulation...

CVE-2014-9373

Directory traversal vulnerability in the CollectorConfInfoServlet servlet in ManageEngine NetFlow Analyzer allows remote attackers to execute arbitrary code via a .. dot dot in the filename...

CVE-2011-1154

The shredfile function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name...

CVE-2010-4154

Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager 15.2.0.11, and possibly earlier, allows remote FTP servers to write arbitrary files via a ".." dot dot backslash in a filename...

CVE-2009-3233

changetrack 4.3 allows local users to execute arbitrary commands via CRLF sequences and shell metacharacters in a filename in a directory that is checked by changetrack...

Unrestricted file upload

Unrestricted file upload vulnerability in member/uploadsedit.php in dedecms 5.3 allows remote attackers to execute arbitrary code by uploading a file with a double extension in the filename, then accessing this file via unspecified vectors, as demonstrated by a .jpg.php filename...