8767 matches found
Code injection
Grandstream GWN7000 before 1.0.6.32 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the filename in a /ubus/uci.apply updatendswebrootfromtmp API call...
CVE-2019-10658
Grandstream GWN7610 before 1.0.8.18 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the filename in a /ubus/controller.icc.updatendswebrootfromtmp updatendswebrootfromtmp API call...
CVE-2019-10656
Grandstream GWN7000 before 1.0.6.32 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the filename in a /ubus/uci.apply updatendswebrootfromtmp API call...
CVE-2019-10658
Grandstream GWN7610 before 1.0.8.18 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the filename in a /ubus/controller.icc.updatendswebrootfromtmp updatendswebrootfromtmp API call...
CVE-2019-10656
Grandstream GWN7000 before 1.0.6.32 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the filename in a /ubus/uci.apply updatendswebrootfromtmp API call...
Sitemagic CMS Cross-Site Scripting Vulnerability
Sitemagic CMS is a scalable content management system CMS. A cross-site scripting vulnerability exists in the SMFiles/FrmUpload.class.php file in Sitemagic CMS v4.4, which can be exploited by remote attackers to inject arbitrary web script or HTML with the help of the 'filename' parameter...
CVE-2019-10238
Sitemagic CMS v4.4 has XSS in SMFiles/FrmUpload.class.php via the filename parameter...
CVE-2019-10238
Sitemagic CMS v4.4 has XSS in SMFiles/FrmUpload.class.php via the filename parameter...
SUSE-SU-2019:13992-1 Security update for libmspack
This update for libmspack fixes the following issues: Security issues fixed: - CVE-2018-18584: The CAB block input buffer was one byte too small for the maximal Quantum block, leading to an out-of-bounds write. bsc1113038 - CVE-2018-18585: chmdreadheaders accepted a filename that has '\0' as its...
Cross-site Scripting (XSS)
drupal/core is vulnerable to cross-site scripting XSS attacks. The vulnerability exists due to the lack of validation of UTF8 on the filename, allowing a remote attacker to inject arbitrary Javascript into a victim's browser...
SUSE SLED15 / SLES15 Security Update : libmspack (SUSE-SU-2019:0748-1)
This update for libmspack fixes the following issues : Security issues fixed : CVE-2018-18584: The CAB block input buffer was one byte too small for the maximal Quantum block, leading to an out-of-bounds write. bsc1113038 CVE-2018-18585: chmdreadheaders accepted a filename that has '\0' as its...
SUSE-SU-2019:0748-1 Security update for libmspack
This update for libmspack fixes the following issues: Security issues fixed: - CVE-2018-18584: The CAB block input buffer was one byte too small for the maximal Quantum block, leading to an out-of-bounds write. bsc1113038 - CVE-2018-18585: chmdreadheaders accepted a filename that has '\0' as its...
Humhub cross-site scripting vulnerability (CNVD-2019-12169)
Humhub is a set of open source social networking software based on the Yii PHP framework written . A cross-site scripting vulnerability exists in file/file/upload in version 1.3.10 of Humhub Community Edition. A remote attacker can use the 'filename' parameter to inject arbitrary web script or HT...
Deserialization of Untrusted Data
Overview pimcore/pimcore is a content & product management framework CMS/PIM/E-Commerce. Affected versions of this package are vulnerable to Deserialization of Untrusted Data. It is possible insert the php wrapper “phar” with an arbitrary path in filename parameter that allows arbitrary code...
CVE-2018-17955
In yast2-multipath before version 4.1.1 a static temporary filename allows local attackers to overwrite files on systems without symlink protection...
CVE-2018-17955
CVE-2018-17955 affects yast2-multipath prior to version 4.1.1. The vulnerability arises from a static temporary filename that allows local attackers to overwrite files on systems without symlink protection. Impact is described as local complete/partial integrity on affected files with potential a...
PT-2019-9645 · Netdata +4 · Netdata +4
Name of the Vulnerable Software and Affected Versions: Netdata version 1.10.0 Description: An issue exists in the software where HTTP Header Injection is possible via the filename parameter in the "api/v1/data" endpoint. This is due to the web client api request v1 data function in web/api/web ap...
Design/Logic Flaw
ESAFENET CDG V3 and V5 has an arbitrary file download vulnerability via the fileName parameter in download.jsp because the InstallationPack parameter is mishandled in a /CDGServer3/ClientAjax request...
CVE-2019-9632
ESAFENET CDG V3 and V5 has an arbitrary file download vulnerability via the fileName parameter in download.jsp because the InstallationPack parameter is mishandled in a /CDGServer3/ClientAjax request...
CVE-2019-9632
CVE-2019-9632 affects ESAFENET CDG V3 and V5. The vulnerability enables arbitrary file download via the fileName parameter in download.jsp because the InstallationPack parameter is mishandled in a /CDGServer3/ClientAjax request. Reported impact is information disclosure; CVSSv3 base score 7.5 (HI...