The vulnerability of the setUploadUserData() function in TOTOLINK CP900 router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the setUploadUserData function in TOTOLINK CP900 router microprogramming software is related to the lack of measures to sanitize input data during the processing of the FileName parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by...

The vulnerability of the setUpgradeUboot() function in TOTOLINK CP900 router microprogramming software allows a intruder to execute arbitrary commands.

The vulnerability of the setUpgradeUboot function in TOTOLINK CP900 router microprogramming software is related to the lack of measures to sanitize input data during the processing of the FileName parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by...

CVE-2020-21732

Rukovoditel Project Management app 2.6 is affected by: Cross Site Scripting XSS. An attacker can add JavaScript code to the filename...

PT-2024-35947 · Eddi · Eddi

Name of the Vulnerable Software and Affected Versions: EDDI Enhanced Dialog Driven Interface versions prior to 5.4 Description: A path traversal vulnerability exists in the backup export functionality of EDDI, as implemented in RestExportService.java. This vulnerability allows an attacker to acce...

Toshiba e-STUDIO Security Vulnerability

Toshiba e-STUDIO is a series of high-end office multifunction printers from Toshiba, Japan. A security vulnerability exists in Toshiba e-STUDIO, which originates from an internal program within the multifunction device where certain APIs do not check for filename input, allowing arbitrary files t...

PT-2024-19413 · Unknown · Anything-Llm

Name of the Vulnerable Software and Affected Versions: AnythingLLM versions prior to commit 08d33cfd8 Description: AnythingLLM is an application that turns any document, resource, or piece of content into context that any LLM can use as references during chatting. In versions prior to commit...

PT-2024-3871 · Kitty · Kitty

Name of the Vulnerable Software and Affected Versions: KiTTY versions 0.76.1.13 and before Description: The issue is related to insufficient input sanitization and validation, failure to escape special characters, and insecure system calls. This allows an attacker to add inputs inside the filenam...

SUSE CVE-2021-31799

In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename...

sinatra: Reflected File Download attack

A flaw was found in Sinatra, a domain-specific language for creating web applications in Ruby. An application is vulnerable to a reflected file download RFD attack that sets the Content-Disposition header of a response when the filename is derived from user-supplied input...

GHSA-8X94-HMJH-97HQ Django vulnerable to Reflected File Download attack

An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download RFD attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input...

PT-2022-1915

Name of the Vulnerable Software and Affected Versions PJSIP affected versions not specified Description The issue is related to a stack overflow in the PJSUA API when calling the pjsua recorder create function. An attacker-controlled filename argument may cause a buffer overflow since it is copie...

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection. Affected versions of mechanize allow for OS commands to be injected using several classes' methods which implicitly use Ruby's Kernel.open method. Exploitation is possible only if untrusted input is used as a local...

springframework: RFD attack via Content-Disposition Header sourced from request input by Spring MVC or Spring WebFlux Application

A flaw was found in springframework in versions prior to 5.0.16, 5.1.13, and 5.2.3. A reflected file download RFD attack is possible when a "Content-Disposition" header is set in response to where the filename attribute is derived from user supplied input. The highest threat from this vulnerabili...

UBUNTU-CVE-2020-5398

In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download RFD attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from use...

CVE-2011-0728

Cross-site scripting XSS vulnerability in templatefunctions.py in Loggerhead before 1.18.1 allows remote authenticated users to inject arbitrary web script or HTML via a filename, which is not properly handled in a revision view...

CVE-2001-1562

Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename...