Improper handling of double quotes in file name in Diffy in Windows environment

The function that calls the diff tool in versions of Diffy prior to 3.4.1 does not properly handle double quotes in a filename when run in a Windows environment. This allows attackers to execute arbitrary commands via a crafted string...

CVE-2022-33127

The function that calls the diff tool in Diffy 3.4.1 does not properly handle double quotes in a filename when run in a windows environment. This allows attackers to execute arbitrary commands via a crafted string...

CVE-2022-33127

The function that calls the diff tool in Diffy 3.4.1 does not properly handle double quotes in a filename when run in a windows environment. This allows attackers to execute arbitrary commands via a crafted string...

UBUNTU-CVE-2022-33127

The function that calls the diff tool in Diffy 3.4.1 does not properly handle double quotes in a filename when run in a windows environment. This allows attackers to execute arbitrary commands via a crafted string...

Diffy 安全漏洞

Diffy is a simple distinction in Ruby by Sam Goldstein, a personal developer. Diffy suffers from a security vulnerability that stems from the fact that the function that calls the diff utility in Diffy 3.4.1 does not properly handle double quotes in filenames when running in a Windows environment...

PT-2022-3471 · Elcomplus · Elcomplus Smartics

Name of the Vulnerable Software and Affected Versions: Elcomplus SmartICS version 2.3.4.0 Description: The issue is related to insufficient filename validation, which allows authenticated administrator-level users to perform path traversal attacks and specify arbitrary files. This can be exploite...

FacturaScripts 跨站脚本漏洞

FacturaScripts is an ERP software. A cross-site scripting vulnerability exists in versions prior to facturascripts 2022.06, which stems from a lack of filename validation, and can be exploited by an attacker to upload a svg file resulting in a cross-site scripting attack...

ChatBot App with Suggestion Arbitrary File Deletion Vulnerability

ChatBot App with Suggestion is a ChatBot application with suggestion by Carlo Montero's personal developer. v1.0 of ChatBot App with Suggestion is vulnerable to an arbitrary file deletion vulnerability that originates in /simplechatbot/ classes/Master.php lacks valid validation for filenames, whi...

CVE-2022-32273

As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core MDCore before 5.1.2 could allow an authenticated user to enumerate filenames on the server...

CVE-2022-32273

OPSWAT MetaDefender Core (MDCore) prior to version 5.1.2 is affected. An observable discrepancy in returned messages can allow an authenticated user to enumerate filenames on the server, exposing directory/file names. The vulnerability is tied to the MDCore component and requires authentication. ...

Out-Of-Bounds Read

When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thumbnailer service, this output will usually be written to disk via the system's...

ChatBot App with Suggestion 安全漏洞

ChatBot App with Suggestion is a ChatBot application with suggestion by Carlo Montero's personal developer. v1.0 of ChatBot App with Suggestion is vulnerable to an arbitrary file deletion vulnerability that originates in /simplechatbot/ classes/Master.php lacks valid validation for filenames, whi...

Online Fire Reporting System 安全漏洞

Online Fire Reporting System is an online fire reporting system from Carlo Montero's personal developer. v1.0 of Online Fire Reporting System is vulnerable to an arbitrary file deletion vulnerability, which originates in /ofrs/classes/Master.php?f= deleteimg lacks valid validation for filenames,...

GHSA-7GH6-F4JH-3CRQ Magento Violation of Secure Design Principles vulnerability in RMA PDF filename formats

Magento versions 2.4.2 and earlier, 2.4.1-p1 and earlier and 2.3.6-p1 and earlier are affected by a Violation of Secure Design Principles vulnerability in RMA PDF filename formats. Successful exploitation could allow an attacker to get unauthorized access to restricted resources...

GHSA-7X8G-H246-GVX3 Dolibarr authenticated Remote Code Execution

Dolibarr 12.0.3 is vulnerable to authenticated Remote Code Execution. An attacker who has the access the admin dashboard can manipulate the backup function by inserting a payload into the filename for the zipfilenametemplate parameter to admin/tools/dolibarrexport.php...

Cross-site Scripting (XSS)

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the projdoceditpage.php Project Documentation feature. An attacker can execute arbitrary code after uploading an attachment with a crafted filename. The code is...

GHSA-XG77-XQHQ-CRPR Stored XSS vulnerability in Code Coverage API Plugin

Code Coverage API Plugin 1.1.2 and earlier does not escape the filename of the coverage report used in its view. This results in a stored cross-site scripting vulnerability that can be exploited by users able to change the job configuration. Code Coverage API Plugin 1.1.3 escapes the filename of...

GHSA-GG4J-279J-22PH MantisBT allows cross-site scripting (XSS) via crafted filename

The Timeline feature in myviewpage.php in MantisBT through 2.21.1 has a stored cross-site scripting XSS vulnerability, allowing execution of arbitrary code if CSP settings permit it after uploading an attachment with a crafted filename. The code is executed for any user having visibility to the...

MantisBT allows cross-site scripting (XSS) via crafted filename

The Timeline feature in myviewpage.php in MantisBT through 2.21.1 has a stored cross-site scripting XSS vulnerability, allowing execution of arbitrary code if CSP settings permit it after uploading an attachment with a crafted filename. The code is executed for any user having visibility to the...

CVE-2019-12921

In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG...