CVE-2022-36264

In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists an Unauthenticated remote Arbitrary File Upload vulnerability which allows overwriting arbitrary files. A malicious actor can remotely upload a file of their choice and overwrite any file in the system by manipulating the filename a...

CVE-2022-36264

In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists an Unauthenticated remote Arbitrary File Upload vulnerability which allows overwriting arbitrary files. A malicious actor can remotely upload a file of their choice and overwrite any file in the system by manipulating the filename a...

Unauthenticated Path Traversal

Description A unauthenticated user can read and download files of the application system by abusing the filename parameter, of the /api/image/cover-uploadendpoint, that is not properly sanitized. Proof of Concept 1 - Send the following request, where the filename has the relative path of the targ...

DEBIAN-CVE-2022-36359

An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download RFD attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input...

Django 安全漏洞

Django is the Django Foundation's set of open source Web application framework based on the Python language . The framework includes an object-oriented mapper, a view system, a template system, and more. A security vulnerability exists in Django versions 3.2 prior to 3.2.15 and 4.0 prior to 4.0.7...

AZL-10461 CVE-2022-29154 affecting package rsync for versions less than 3.2.5-1

An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A...

ALPINE-CVE-2022-29154

An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A...

rsync 输入验证错误漏洞

rsync is an open source utility program by Wayne Davison, an individual developer, that provides fast incremental file transfers. A security vulnerability exists in versions prior to rsync 3.2.5 that stems from insufficient validation of filenames by the rsync client...

The vulnerability of the `setUpgradeFW` function in TOTOLINK router microprogramming devices, such as TOTOLINK A800R, TOTOLINK A810R, TOTOLINK A830R, TOTOLINK A950RG, TOTOLINK A3000RU, and TOTOLINK A3100R, allows a hacker to execute arbitrary commands.

The vulnerability of the setUpgradeFW function parameter FileName in the microprogramming software for TOTOLINK A800R, TOTOLINK A810R, TOTOLINK A830R, TOTOLINK A950RG, TOTOLINK A3000RU, and TOTOLINK A3100R routers is related to the lack of measures for cleaning input data. Exploiting this...

Drupal RCE Vulnerability (SA-CORE-2022-014) - Windows

Drupal is prone to a remote code execution RCE vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

Drupal core - Critical - Arbitrary PHP code execution - SA-CORE-2022-014

Updated 2022-07-20 19:45 UTC to indicate that this only affects Apache web servers. Drupal core sanitizes filenames with dangerous extensions upon upload reference: SA-CORE-2020-012 and strips leading and trailing dots from filenames to prevent uploading server configuration files reference:...

Dompdf 安全漏洞

Dompdf is an HTML to PDF converter. A security vulnerability exists in Dompdf versions prior to 2.0.0, which originates from an externally controlled filename or path...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the filename parameter in the 'New Page' dialog on the Overview or Pages page. Details Cross-site scripting or XSS is a code vulnerability that occurs when an attacker “injects” a malicious script into an...

XSS via `filename` parameter to New Page dialog

Cross site scripting XSS in gollum 5.0 to 5.1.2 via the filename parameter to the 'New Page' dialog...

CVE-2020-35305

Cross site scripting XSS in gollum 5.0 to 5.1.2 via the filename parameter to the 'New Page' dialog...

Gollum 跨站脚本漏洞

Gollum is a simple wiki system built on top of Git by Gollum. It has a good API and a native front-end. A security vulnerability exists in Gollum versions 5.0 through 5.1.2, which originates from cross-site scripting XSS in gollum via filename arguments to the New Page dialog box...

Fortinet FortiClient 路径遍历漏洞

Fortinet FortiClient is a structured agent from Fortinet, Inc. It is used to provide protection, compliance, and secure access in a single modular lightweight client. A path traversal vulnerability exists in Fortinet FortiClient that stems from an input validation error when processing a director...

UBUNTU-CVE-2022-34483

An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from...

CVE-2022-33085

ESPCMS P8 was discovered to contain an authenticated remote code execution RCE vulnerability via the fetchfilename function at \espcmspublic\espcmstemplates\ESPCMSTemplates...

CVE-2022-2106

Elcomplus SmartICS Web HMI v2.3.4.0 exposes a relative path traversal due to insufficient filename validation. An authenticated administrator can specify arbitrary files, enabling potential exposure of sensitive data. Mitigation: upgrade to SmartICS 2.4 (patch released) and apply network/access c...