Lucene search

941 matches found

Vulnrichment
added 2023/01/20 12:0 a.m. · 5 views

CVE-2022-48124

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the FileName parameter in the setting/setOpenVpnCertGenerationCfg function...

10 AI score · 0.01958 EPSS
Exploits 1 · References 1
Cvelist
added 2023/01/20 12:0 a.m. · 28 views

CVE-2022-48124

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the FileName parameter in the setting/setOpenVpnCertGenerationCfg function...

10 AI score · 0.01958 EPSS
Exploits 1 · References 1
CVE
added 2023/01/20 12:0 a.m. · 66 views

CVE-2022-48124

CVE-2022-48124 affects the TOTOLINK A7100RU (version 7.4cu.2313_B20191024). The vulnerability is a command injection in the FileName parameter of the function setting/setOpenVpnCertGenerationCfg. The CVE’s metrics indicate a critical impact (CVSS v3.1: 9.8, scope UNCHANGED, confidentiality/ integ...

9.8 CVSS · 9.7 AI score · 0.01958 EPSS
Exploits 1 · References 1 · Affected Software 1
CNNVD
added 2023/01/17 12:0 a.m. · 2 views

RONDS EPM Path Traversal Vulnerability

RONDS EPM is an application from RONDS, Inc. A path traversal vulnerability exists in RONDS EPM version 1.19.5 that stems from not properly validating the filename parameter. An attacker could use this vulnerability to download a file from a specified file path...

8.2 CVSS · 6.5 AI score · 0.00701 EPSS
Exploits 0 · References 2
CNNVD
added 2023/01/07 12:0 a.m. · 1 views

Inline SVG Cross-Site Scripting Vulnerability

Inline SVG is a library from the personal developer James Martin. SVG documents are styled for use on the Web using CSS by adding classes to the document and embedding them in HTML. A cross-site scripting vulnerability exists in Inline SVG that stems from unknown functionality in the file...

6.1 CVSS · 4.2 AI score · 0.00669 EPSS
Exploits 0 · References 6
Positive Technologies
added 2023/01/07 12:0 a.m. · 2 views

PT-2023-11814 · Unknown · Jamesmartin Inline Svg

Name of the Vulnerable Software and Affected Versions: jamesmartin Inline SVG versions up to 1.7.1 Description: A vulnerability has been found in the component URL Parameter Handler, specifically in the file lib/inline svg/action view/helpers.rb. The manipulation of the argument filename leads to...

6.1 CVSS · 4.2 AI score · 0.00669 EPSS
Exploits 0 · References 13
Snyk
added 2023/01/03 1:36 p.m. · 1 views

External Control of Assumed-Immutable Web Parameter

Overview Affected versions of this package are vulnerable to External Control of Assumed-Immutable Web Parameter due to improper escape of the " character in the generatemultipart function, which allows injecting malicious content to the filename parameter via the Content-Disposition header. PoC...

6.5 CVSS · 7 AI score · 0.0129 EPSS
Exploits 1 · References 2
CNNVD
added 2023/01/01 12:0 a.m. · 2 views

JOBE Security Vulnerability

JOBE is a server for running small programming jobs in various programming languages by Richard Lobb, a personal developer. A security vulnerability exists in JOBE version 1.6.4 and earlier versions, which stems from the handling of the parameter sourcefilename that can lead to unknown...

9.8 CVSS · 6.4 AI score · 0.00627 EPSS
Exploits 0 · References 5
CNVD
added 2022/11/25 12:0 a.m. · 2 views

TOTOLINK NR1800X Command Injection Vulnerability

TOTOLINK NR1800X is a 5G NR indoor Wi-Fi and SIP CPE broadband access device from China's Gion Electronics TOTOLINK, which is mainly used for the deployment of NR fixed data services in homes and offices to support 5G NR network connectivity. A command injection vulnerability exists in the TOTOLI...

9.8 CVSS · 8.6 AI score · 0.0181 EPSS
Exploits 1 · References 1
OSV
added 2022/11/23 4:15 p.m. · 2 views

CVE-2022-44252

TOTOLINK NR1800X V9.1.0u.6279B20210910 contains a command injection via the FileName parameter in the setUploadSetting function...

9.8 CVSS · 5.8 AI score · 0.0181 EPSS
Exploits 1 · References 1
NVD
added 2022/11/23 4:15 p.m. · 16 views

CVE-2022-44252

TOTOLINK NR1800X V9.1.0u.6279B20210910 contains a command injection via the FileName parameter in the setUploadSetting function...

9.8 CVSS · 0.0181 EPSS
Exploits 1 · References 1
Prion
added 2022/11/23 4:15 p.m. · 20 views

Command injection

TOTOLINK NR1800X V9.1.0u.6279B20210910 contains a command injection via the FileName parameter in the UploadFirmwareFile function...

7.5 CVSS · 9.7 AI score · 0.0181 EPSS
Exploits 1 · References 1 · Affected Software 1
Prion
added 2022/11/23 4:15 p.m. · 19 views

Command injection

TOTOLINK NR1800X V9.1.0u.6279B20210910 contains a command injection via the FileName parameter in the setUploadSetting function...

7.5 CVSS · 9.7 AI score · 0.0181 EPSS
Exploits 1 · References 1 · Affected Software 1
Vulnrichment
added 2022/11/23 12:0 a.m. · 5 views

CVE-2022-44249

TOTOLINK NR1800X V9.1.0u.6279B20210910 contains a command injection via the FileName parameter in the UploadFirmwareFile function...

9.8 AI score · 0.0181 EPSS
Exploits 1 · References 1
Cvelist
added 2022/11/23 12:0 a.m. · 20 views

CVE-2022-44249

TOTOLINK NR1800X V9.1.0u.6279B20210910 contains a command injection via the FileName parameter in the UploadFirmwareFile function...

9.9 AI score · 0.0181 EPSS
Exploits 1 · References 1
Positive Technologies
added 2022/11/23 12:0 a.m. · 3 views

PT-2022-27151 · Totolink · Totolink Nr1800X

Name of the Vulnerable Software and Affected Versions: TOTOLINK NR1800X version 9.1.0u.6279 B20210910 Description: The issue concerns a command injection via the FileName parameter in the setUploadSetting function. This allows for potential malicious commands to be executed. No information is...

9.8 CVSS · 9.7 AI score · 0.0181 EPSS
Exploits 1 · References 4
Cvelist
added 2022/11/23 12:0 a.m. · 15 views

CVE-2022-44252

TOTOLINK NR1800X V9.1.0u.6279B20210910 contains a command injection via the FileName parameter in the setUploadSetting function...

9.9 AI score · 0.0181 EPSS
Exploits 1 · References 1
OSV
added 2022/11/15 1:15 a.m. · 3 views

CVE-2022-42977

The Netic User Export add-on before 1.3.5 for Atlassian Confluence has the functionality to generate a list of users in the application, and export it. During export, the HTTP request has a fileName parameter that accepts any file on the system e.g., an SSH private key to be downloaded...

7.5 CVSS · 5.8 AI score · 0.00956 EPSS
Exploits 1 · References 1
Positive Technologies
added 2022/11/15 12:0 a.m. · 4 views

PT-2022-26689 · Atlassian · Netic User Export +1

Name of the Vulnerable Software and Affected Versions: Netic User Export add-on for Atlassian Confluence versions prior to 1.3.5 Description: The issue allows an HTTP request to download any file on the system, including sensitive files like SSH private keys, due to the fileName parameter accepti...

7.5 CVSS · 7.3 AI score · 0.00956 EPSS
Exploits 1 · References 5
Huntr
added 2022/11/04 12:46 a.m. · 31 views

Authenticated SQL injection via filename & update-instance parameters

There is a SQL injection vulnerability inside saveMeta function in AttachmentAbstract.php. When a file is being uploaded via admin/index.php?action=ajax&ajax=att&ajaxaction=upload endpoint, the filename parameter isn't being sanitized and it's later on interpolated into a raw SQL query inside...

0.4 AI score
Exploits 0