DEBIAN-CVE-2018-18585

chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the "/\0" name...

ALPINE-CVE-2018-18585

chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the "/\0" name...

CVE-2018-18585

chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the "/\0" name...

CVE-2018-18585

chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the "/\0" name...

CVE-2018-18585

chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the "/\0" name...

CVE-2018-18585

chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the "/\0" name...

CVE-2018-18419

Stored XSS has been discovered in the upload section of ARDAWAN.COM User Management 1.1, as demonstrated by a .jpg filename to the /account URI...

CVE-2018-18419

Stored XSS has been discovered in the upload section of ARDAWAN.COM User Management 1.1, as demonstrated by a .jpg filename to the /account URI...

CVE-2018-18487

In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database backup filename generation uses mtrand unsafely, resulting in predictable database backup file locations...

GHSA-387V-84CV-9QMC Improper Limitation of a Pathname ('Path Traversal') in org.apache.solr:solr-core

When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path...

DEBIAN-CVE-2018-12379

When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system with the malicious MAR file in order to occur. Thi...

Cisco Wireless LAN Controller Software Directory Traversal Vulnerability

Cisco Wireless LAN Controller WLC is a wireless LAN controller product from Cisco USA. The product provides security policy, intrusion detection and other functions in the wireless LAN. A directory traversal vulnerability exists in Cisco Wireless LAN Controller Software due to a failure to proper...

PT-2018-2128 · Cisco · Cisco Wireless Lan Controller +1

Name of the Vulnerable Software and Affected Versions: Cisco Wireless LAN Controller Software affected versions not specified Description: The issue is due to improper sanitization of user-supplied input in HTTP request parameters that describe filenames and pathnames, allowing an authenticated,...

Cross-site Scripting (XSS)

alchemycms is vulnerable to cross-site scripting XSS attacks. The vulnerability exists due to the lack of sanitization of the image filename, allowing persistent XSS attacks...

CVE-2018-18258

An issue was discovered in BageCMS 3.1.3. The attacker can execute arbitrary PHP code on the web server and can read any file on the web server via an index.php?r=admini/template/updateTpl&filename= URI...

GHSA-QFH2-6F7Q-GR86 Cross-Site Scripting in sexstatic

All versions of sexstatic are vulnerable to stored cross-site scripting xss. This is exploitable if an attacker can control a filename that is served by sexstatic. Recommendation As there is no fix is currently available for this vulnerability it is our recommendation to not install or used this...

Mozilla: Out-of-bounds write with malicious MAR file

When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system with the malicious MAR file in order to occur. Thi...

Mozilla: Out-of-bounds write with malicious MAR file

When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system with the malicious MAR file in order to occur. Thi...

WordPress: Stored XSS on Broken Themes via filename

Hi, I've found something here, Description XSS Stored because filename of theme when broken, So when theme is broken, Wordpress will inform the name of theme who has been broken which is the folder name of theme and inform the error with description message. F342862 Looks like the filename is...

Node.js third-party modules: [tianma-static] Stored xss on filename

I would like to report stored xss in tianma-static It allows anyone to execute arbitary javascript for doing anything. Module module name: tianma-static version: 1.0.4 npm page: https://www.npmjs.com/package/tianma-static Module Description Provide a static file service. Vulnerability Vulnerabili...