Lucene search

8793 matches found

OSV
added 2024/08/27 4:57 p.m. · 3 views

USN-6981-1 drupal7 vulnerabilities

It was discovered that Drupal incorrectly sanitized uploaded filenames. A remote attacker could possibly use this issue to execute arbitrary code. CVE-2020-13671 It was discovered that Drupal incorrectly sanitized archived filenames. A remote attacker could possibly use this issue to overwrite...

8.8 CVSS · 7.4 AI score · 0.84554 EPSS
Exploits 5 · References 4
Packet Storm
added 2024/08/26 12:0 a.m. · 255 views

Helpdeskz 2.0.2 Cross Site Scripting

Exploit Title: Stored XSS Vulnerability via File Name Google Dork: N/A Date: 08 Aug 2024 Exploit Author: Md. Sadikul Islam Vendor Homepage: https://www.helpdeskz.com/ Software Link: https://github.com/helpdesk-z/helpdeskz-dev/archive/2.0.2.zip Version: v2.0.2 Tested on: Kali Linux / Firefox...

7.4 AI score
Exploits 0
GithubExploit
added 2024/08/23 2:39 p.m. · 1566 views

Exploit for Improper Encoding or Escaping of Output in Apache Http_Server

CVE-2024-38473 Nuclei Template...

8.1 CVSS · 7.7 AI score · 0.25878 EPSS
Exploits 1
OSV
added 2024/08/21 2:30 p.m. · 12 views

GO-2023-2068 Croc sender may place ANSI or CSI escape sequences in filename to attach receiver's terminal device in github.com/schollz/croc

Croc sender may place ANSI or CSI escape sequences in filename to attach receiver's terminal device in github.com/schollz/croc...

7.8 CVSS · 7.4 AI score · 0.00339 EPSS
Exploits 1 · References 7
OSV
added 2024/08/21 2:28 a.m. · 0 views

USN-6965-1 vim vulnerabilities

It was discovered that vim incorrectly handled parsing of filenames in its search functionality. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service. CVE-2021-3973 It was discovered that vim incorrectly handled memor...

9.3 CVSS · 7.5 AI score · 0.01792 EPSS
Exploits 5 · References 6
Tenable Nessus
added 2024/08/21 12:0 a.m. · 9 views

EulerOS Virtualization 2.11.0 : less (EulerOS-SA-2024-2180)

According to the versions of the less package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename....

8.6 CVSS · 7.2 AI score · 0.00628 EPSS
Exploits 0 · References 2
Tenable Nessus
added 2024/08/20 12:0 a.m. · 21 views

EulerOS 2.0 SP12 : less (EulerOS-SA-2024-2217)

According to the versions of the less package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation...

8.6 CVSS · 7.3 AI score · 0.00628 EPSS
Exploits 0 · References 2
OpenVAS
added 2024/08/20 12:0 a.m. · 5 views

Huawei EulerOS: Security Advisory for less (EulerOS-SA-2024-2180)

The remote host is missing an update for the Huawei EulerOS...

8.6 CVSS · 7.5 AI score · 0.00628 EPSS
Exploits 0 · References 2
NVD
added 2024/08/17 9:15 a.m. · 16 views

CVE-2024-42305

In the Linux kernel, the following vulnerability has been resolved: ext4: check dot and dotdot of dx_root before making dir indexed Syzbot reports a issue as follows: ============================================ BUG: unable to handle page fault for address: ffffed11022e24fe PGD 23ffee067 P4D...

5.5 CVSS · 0.00224 EPSS
Exploits 0 · References 11
Cvelist
added 2024/08/17 9:9 a.m. · 18 views

CVE-2024-42305 ext4: check dot and dotdot of dx_root before making dir indexed

In the Linux kernel, the following vulnerability has been resolved: ext4: check dot and dotdot of dx_root before making dir indexed Syzbot reports a issue as follows: ============================================ BUG: unable to handle page fault for address: ffffed11022e24fe PGD 23ffee067 P4D...

0.00224 EPSS
Exploits 0 · References 8
CNNVD
added 2024/08/12 12:0 a.m. · 3 views

FreeBSD Security Vulnerability

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD that stems from the fact that when mounting a remote filesystem using NFS, the kernel does not clean up the remotely supplied filename, which can lead to proxy problems...

5.3 CVSS · 6.6 AI score · 0.00676 EPSS
Exploits 0 · References 3
VulnCheck KEV
added 2024/08/09 12:0 a.m. · 3 views

VulnCheck KEV: CVE-2023-46574

An issue in TOTOLINK A3700R v.9.1.2u.616520211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function...

9.8 CVSS · 6.2 AI score · 0.65412 EPSS
Exploits 2 · References 1
OpenVAS
added 2024/08/09 12:0 a.m. · 17 views

Huawei EulerOS: Security Advisory for less (EulerOS-SA-2024-2084)

The remote host is missing an update for the Huawei EulerOS...

8.6 CVSS · 8.8 AI score · 0.00628 EPSS
Exploits 0 · References 2
NVD
added 2024/08/08 6:15 p.m. · 23 views

CVE-2024-42408

The InfoScan client download page can be intercepted with a proxy, to expose filenames located on the system, which could lead to additional information exposure...

6.9 CVSS · 0.00384 EPSS
Exploits 0 · References 2
Github Security Blog
added 2024/08/05 9:29 p.m. · 23 views

Flowise Path Injection at /api/v1/openai-assistants-file

Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, the /api/v1/openai-assistants-file endpoint in index.ts is vulnerable to arbitrary file read due to lack of sanitization of the fileName body parameter. No known patches for this...

7.5 CVSS · 6.7 AI score · 0.01761 EPSS
Exploits 3 · References 4 · Affected Software 1
Veracode
added 2024/08/05 2:53 p.m. · 6 views

Cross-site Scripting (XSS)

ezsystems/ezplatform-admin-ui is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper escaping of filenames, allowing XSS payloads to be executed during file upload...

5.8 AI score
Exploits 0
Patchstack
added 2024/08/05 2:31 a.m. · 2 views

WordPress Zephyr Project Manager plugin <= 3.3.100 - Authenticated (Subscriber+) Stored Cross-Site Scripting via filename Parameter vulnerability

Authenticated (Subscriber+) Stored Cross-Site Scripting via filename Parameter vulnerability discovered by wesley wcraft in WordPress Plugin Zephyr Project Manager versions <= 3.3.100...

6.4 CVSS · 5.8 AI score · 0.00311 EPSS
Exploits 0 · References 1 · Affected Software 1
OSV
added 2024/08/03 10:15 a.m. · 1 views

CVE-2024-7356

The Zephyr Project Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘filename’ parameter in all versions up to, and including, 3.3.100 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

5.4 CVSS · 5.9 AI score · 0.00311 EPSS
Exploits 0 · References 4
CNNVD
added 2024/08/03 12:0 a.m. · 2 views

WordPress plugin Zephyr Project Manager Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

6.4 CVSS · 5.9 AI score · 0.00311 EPSS
Exploits 0 · References 5
Positive Technologies
added 2024/08/03 12:0 a.m. · 3 views

PT-2024-38287 · WordPress · Zephyr Project Manager

Name of the Vulnerable Software and Affected Versions: Zephyr Project Manager plugin for WordPress versions up to, and including, 3.3.100 Description: The issue is related to Stored Cross-Site Scripting via the filename parameter due to insufficient input sanitization and output escaping. This...

6.4 CVSS · 6.3 AI score · 0.00311 EPSS
Exploits 0 · References 9