CVE-2020-15111

In Fiber before version 1.12.6, the filename that is given in c.Attachment https://docs.gofiber.io/ctxattachment is not escaped, and therefore vulnerable for a CRLF injection attack. I.e. an attacker could upload a custom filename and then give the link to the victim. With this filename, the...

CVE-2010-3092

The upload module in Drupal 5.x before 5.23 and 6.x before 6.18 does not properly support case-insensitive filename handling in a database configuration, which allows remote authenticated users to bypass the intended restrictions on downloading a file by uploading a different file with a similar...

CVE-2013-5541

Cross-site scripting XSS vulnerability in the file-upload interface in Cisco Identity Services Engine ISE allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename, aka Bug ID CSCui67495...

CVE-2019-14021

Possible buffer overrun when processing EFS filename and payload sent over diag interface due to lack of check for filename length and payload size received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in...

CVE-2019-10238

Sitemagic CMS v4.4 has XSS in SMFiles/FrmUpload.class.php via the filename parameter...

CVE-2019-10658

Grandstream GWN7610 before 1.0.8.18 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the filename in a /ubus/controller.icc.updatendswebrootfromtmp updatendswebrootfromtmp API call...

CVE-2019-17630

CMS Made Simple CMSMS 2.2.11 allows stored XSS by an admin via a crafted image filename on the "News Add Article" screen...

CVE-2019-17320

NetSarang XFTP Client 6.0149 and earlier version contains a buffer overflow vulnerability caused by improper boundary checks when copying file name from an attacker controlled FTP server. That leads attacker to execute arbitrary code by sending a crafted filename...

CVE-2019-9632

ESAFENET CDG V3 and V5 has an arbitrary file download vulnerability via the fileName parameter in download.jsp because the InstallationPack parameter is mishandled in a /CDGServer3/ClientAjax request...

CVE-2019-17523

An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows remote attackers to inject arbitrary web script via the FileName parameter to /FTPDiag.asp...

CVE-2019-16318

In Pimcore before 5.7.1, an attacker with limited privileges can bypass file-extension restrictions via a 256-character filename, as demonstrated by the failure of automatic renaming of .php to .php.txt for long filenames, a different vulnerability than CVE-2019-10867 and CVE-2019-16317...

CVE-2018-18487

In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database backup filename generation uses mtrand unsafely, resulting in predictable database backup file locations...

CVE-2017-11178

In FineCMS through 2017-07-11, application/core/controller/style.php allows remote attackers to write to arbitrary files via the contents and filename parameters in a route=style action. For example, this can be used to overwrite a .php file because the file extension is not checked...

CVE-2017-16661

Cacti 1.1.27 allows remote authenticated administrators to read arbitrary files by placing the Log Path into a private directory, and then making a clog.php?filename= request, as demonstrated by filename=passwd with a Log Path under /etc to read /etc/passwd...

CVE-2012-4873

Cross-site scripting XSS vulnerability in the filedownload function in GNUBoard before 4.34.21 allows remote attackers to inject arbitrary web script or HTML via the filename parameter...

CVE-2019-15603

The seefl package v0.1.1 is vulnerable to a stored Cross-Site Scripting XSS vulnerability via a malicious filename rendered in a directory listing...

CVE-2013-1085

Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in the filename parameter...

CVE-2019-15539

The projdoceditpage.php Project Documentation feature in MantisBT before 2.21.3 has a stored cross-site scripting XSS vulnerability, allowing execution of arbitrary code if CSP settings permit it after uploading an attachment with a crafted filename. The code is executed when editing the document...

CVE-2014-2864

Multiple directory traversal vulnerabilities in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allow remote attackers to have an unspecified impact via a filename parameter containing directory traversal sequences...

CVE-2018-11330

An issue was discovered in Pluck before 4.7.6. There is authenticated stored XSS because the character set for filenames is not properly restricted...