PT-2022-19306 · Totolink · Totolink N600R

Name of the Vulnerable Software and Affected Versions: TOTOLink N600R version 5.3c.7159 B20190425 Description: A command injection issue was found via the filename parameter in the "/setting/CloudACMunualUpdate" API endpoint. Recommendations: For TOTOLink N600R version 5.3c.7159 B20190425, avoid...

golang: archive/zip: Reader.Open panics on empty string

A vulnerability was found in archive/zip of the Go standard library. Applications written in Go where Reader.Open the API implementing io/fs.FS introduced in Go 1.16 can panic when parsing a crafted ZIP archive containing completely invalid names or an empty filename argument...

Directory Traversal

NopCommerce.Core is vulnerable to path traversal. An attacker can access files outside the expected directory by sending the wrong values through the POST request for the FileName parameter in the BackupAction function of CommonController.cs...

Checkout Files Upload for WooCommerce < 2.1.3 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape filenames before outputting them back in order confirmation page, leading to a Reflected Cross-Site Scripting...

CVE-2022-27982

RG-NBR-E Enterprise Gateway RG-NBR2100G-E was discovered to contain a remote code execution RCE vulnerability via the fileName parameter at /guestauth/cfg/upLoadCfg.php...

CVE-2022-27982

RG-NBR-E Enterprise Gateway RG-NBR2100G-E was discovered to contain a remote code execution RCE vulnerability via the fileName parameter at /guestauth/cfg/upLoadCfg.php...

Remote code execution

RG-NBR-E Enterprise Gateway RG-NBR2100G-E was discovered to contain a remote code execution RCE vulnerability via the fileName parameter at /guestauth/cfg/upLoadCfg.php...

CVE-2022-27982

CVE-2022-27982 affects the RG-NBR-E Enterprise Gateway RG-NBR2100G-E. A remote code execution (RCE) vulnerability is exposed via the fileName parameter in /guest_auth/cfg/upLoadCfg.php. The NVD entry lists a high/critical impact in CVSS v2/v3 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H; base scores 7.5/...

GHSA-8WCH-9GCG-V2PR Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Apache Tomcat

Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename...

Indexed Search Engine for TYPO3 Command Execution via Metacharacter Injection

The Indexed Search Engine indexedsearch system extension in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to execute arbitrary commands via a crafted filename containing shell metacharacters, which is not properly handled by the command-line index...

GHSA-74W6-WW7W-45J9 Indexed Search Engine for TYPO3 Command Execution via Metacharacter Injection

The Indexed Search Engine indexedsearch system extension in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to execute arbitrary commands via a crafted filename containing shell metacharacters, which is not properly handled by the command-line index...

Exploit for Path Traversal in Wso2 Api_Manager

CVE-2022-29464 CVE-2022-29464 POC exploit Usage shell us...

Multiple Store XSS via upload svg file and the file name of attachment

Description Hi There, facturascripts is vulnerable to store XSS by upload svg file, and the filename Step to produce with svg file Login as admin or any account has role Admin-Library, access Admin - library - New and upload file svg with content: alertdocument.cookie; save this. XSS will be...

CVE-2021-40680

There is a Directory Traversal vulnerability in Artica Proxy 4.30.000000 SP206 through SP255, and VMware appliance 4.30.000000 through SP273 via the filename parameter to /cgi-bin/main.cgi...

Artica Proxy 路径遍历漏洞

Artica Proxy is an open source Artica proxy solution from Artica France. A security vulnerability exists in Artica Proxy VMWare Appliance 4.30.000000 SP273 and earlier versions and Artica Proxy versions 4.30.000000 SP206 through SP255, which stems from a lack of filtering of the filename paramete...

Exploit for Cross-site Scripting in Solutions-Atlantic Regulatory_Reporting_System

CVE-2022-29598 : Reflected Cross-Site Scripting XSS in RSS v...

SUSE-SU-2022:1272-1 Security update for gzip

This update for gzip fixes the following issues: - CVE-2022-1271: Fixed an incorrect escaping of malicious filenames ZDI-CAN-16587. bsc1198062...

[SECURITY] [DSA 5122-1] gzip security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5122-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 18, 2022 https://www.debian.org/security/faq -...

SUSE-SU-2022:1250-1 Security update for gzip

This update for gzip fixes the following issues: - CVE-2022-1271: Fixed an incorrect escaping of malicious filenames ZDI-CAN-16587. bsc1198062 The following non-security bugs were fixed: - Fixed an issue when 'gzexe' counts the lines to skip wrong. bsc1180713 - Fixed a potential segfault when zli...

The vulnerability of the Jszip zip file processing library, related to improper code generation, allows a hacker to cause a service failure.

The vulnerability of the Jszip zip file processing library is related to incorrect handling of file names. Exploiting this vulnerability allows a remote attacker to cause service interruptions...