Windows PowerShell - Unsanitized Filename Command Execution

Windows PowerShell - Unsanitized Filename Command Execution ''' + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-POWERSHELL-UNSANITIZED-FILENAME-COMMAND-EXECUTION.txt + ISR: Apparition Security Vendor...

Microsoft Windows PowerShell - Unsanitized Filename Command Execution

''' + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-POWERSHELL-UNSANITIZED-FILENAME-COMMAND-EXECUTION.txt + ISR: Apparition Security Vendor www.microsoft.com Product Windows PowerShell Windows PowerShell...

libreoffice security and bug fix update

1:5.3.6.1-21.0.1 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 1:5.3.6.1-21 - Resolves: rhbz1066844 drop libreofficekit requires 1:5.3.6.1-20 - Resolves: rhbz1672003 CVE-2018-16858...

CVE-2019-14312

Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This vulnerability allows a remote attacker to read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI...

CVE-2019-14706

A denial of service issue in HTTPD was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker without authorization can upload a file to upload.php with a filename longer than 256 bytes. This will be placed in the updownload area. It will not be deleted, because...

CVE-2019-14699

An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker can exploit OS Command Injection in the filename parameter for remote code execution as root. This occurs in the Mainproc executable file, which can be run from the HTTPD web server...

Microsoft Windows PowerShell Command Execution Exploit

Microsoft Windows PowerShell Command Execution Exploit + Credits: John Page aka hyp3rlinx Vendor www.microsoft.com Product Windows PowerShell Windows PowerShell is a Windows command-line shell designed especially for system administrators. PowerShell includes an interactive prompt and a scripting...

Node.js third-party modules: [seeftl] Stored XSS when directory listing via filename.

I would like to report Stored XSS via filename in directory listing in seeftl It allows to inject malicious input in a filename that leads to stored XSS when directories listing. Module module name: seeftl version: 0.1.1 npm page: https://www.npmjs.com/package/seeftl Module Description seeftl --...

Aptana Jaxer wikilite source browser local file inclusion vulnerability

Aptana Jaxer is an open source JavaScript server . A local file inclusion vulnerability exists in the wikilite source viewer in Aptana Jaxer version 1.0.3.4547. A remote attacker can exploit this vulnerability with tools/sourceViewer/index.html?filename=... / URI to read internal files...

EulerOS 2.0 SP8 : gimp (EulerOS-SA-2019-1761)

According to the version of the gimp package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - GIMP through 2.10.2 makes ggettmpdir calls to establish temporary filenames, which may result in a filename that already exists, as demonstrated by th...

java-1.7.0-openjdk security update

1:1.7.0.231-2.6.19.1.0.1 - Update DISTRONAME in specfile 1:1.7.0.231-2.6.19.1 - Add missing hyphen in tapset filename. - Resolves: rhbz1724452 1:1.7.0.231-2.6.19.0 - Update tapset name in patch. - Resolves: rhbz1724452 1:1.7.0.231-2.6.19.0 - Bump to 2.6.19 including tapsets and OpenJDK 7u231-b01....

CVE-2019-1010123

MODX Revolution Gallery 1.7.0 is affected by: CWE-434: Unrestricted Upload of File with Dangerous Type. The impact is: Creating file with custom a filename and content. The component is: Filtering user parameters before passing them into phpthumb class. The attack vector is: web request via...

EulerOS 2.0 SP2 : gimp (EulerOS-SA-2019-1741)

According to the version of the gimp packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - GIMP through 2.10.2 makes ggettmpdir calls to establish temporary filenames, which may result in a filename that already exists, as demonstrated by t...

CVE-2019-13973

LayerBB 1.1.3 allows admin/general.php arbitrary file upload because the customlogo filename suffix is not restricted, and .php may be used...

OS Command Injection

minimagick is vulnerable to OS command injection. The input to Image.open is passed directly to Kernelopen, which accepts the | character. This allows a remote attacker to inject arbitrary OS command via a malicious image filename...

UBUNTU-CVE-2019-13574

In lib/minimagick/image.rb in MiniMagick before 4.9.4, a fetched remote image filename could cause remote command execution because Image.open input is directly passed to Kernelopen, which accepts a '|' character followed by a command...

SNMPc Enterprise Edition 9 / 10 Mapping Filename Buffer Overflow

!/usr/bin/python -- coding: utf-8 -- -------------------------------------------------------------------- Exploit: SNMPc Enterprise Edition 9 & 10 Mapping File Name BOF Date: 11 July 2019 Exploit Author: @xerubus | mogozobo.com Vendor Homepage: https://www.castlerock.com/ Software Linke:...

SNMPc Enterprise Edition 9/10 - Mapping Filename Buffer Overflow

!/usr/bin/python -- coding: utf-8 -- -------------------------------------------------------------------- Exploit: SNMPc Enterprise Edition 9 & 10 Mapping File Name BOF Date: 11 July 2019 Exploit Author: @xerubus | mogozobo.com Vendor Homepage: https://www.castlerock.com/ Software Linke:...

AZL-44598 CVE-2019-13464 affecting package mod_security_crs 3.0.0-11

An issue was discovered in OWASP ModSecurity Core Rule Set CRS 3.0.2. Use of X.Filename instead of XFilename can bypass some PHP Script Uploads rules, because PHP automatically transforms dots into underscores in certain contexts where dots are invalid...

DEBIAN-CVE-2019-13464

An issue was discovered in OWASP ModSecurity Core Rule Set CRS 3.0.2. Use of X.Filename instead of XFilename can bypass some PHP Script Uploads rules, because PHP automatically transforms dots into underscores in certain contexts where dots are invalid...