CVE-2018-16236

cPanel through 74 allows XSS via a crafted filename in the logs subdirectory of a user account, because the filename is mishandled during frontend/THEME/raw/index.html rendering...

CVE-2018-16236

CVE-2018-16236 affects cPanel through version 74, allowing XSS via a crafted filename in the logs subdirectory of a user account. The root cause is that the filename is mishandled during rendering of frontend/THEME/raw/index.html, enabling script injection. Exploit details (in-the-wild, vectors) ...

CVE-2018-15810

Visiology Flipbox Software Suite before 2.7.0 allows directory traversal via %5c%2e%2e%2f because it does not sanitize filename parameters...

Directory traversal

Visiology Flipbox Software Suite before 2.7.0 allows directory traversal via %5c%2e%2e%2f because it does not sanitize filename parameters...

Microsoft Windows 10 - Diagnostics Hub Standard Collector Service Privilege Escalation

Microsoft Windows 10 - Diagnostics Hub Standard Collector Service Privilege Escalation SystemCollector PoC for Privilege Escalation in Windows 10 Diagnostics Hub Standard Collector Service Affected Products Windows 10 Windows Server Windows Server 2016 Visual Studio 2015 Update 3 Visual Studio 20...

Phusion Passenger uses a known /tmp filename

In Phusion Passenger before 5.1.0, a known /tmp filename was used during passenger-install-nginx-module execution, which could allow local attackers to gain the privileges of the passenger user...

GHSA-CQXW-3P7V-P9GR Phusion Passenger uses a known /tmp filename

In Phusion Passenger before 5.1.0, a known /tmp filename was used during passenger-install-nginx-module execution, which could allow local attackers to gain the privileges of the passenger user...

OpenSC 0.18.0 Buffer Overflow / Out Of Bounds Read Vulnerability

Multiple issues have been identified in OpenSC, ranging from stack based buffer overflows to out of bounds reads and writes on the heap. They can be triggered by malicious smartcards sending malformed responses to APDU commands. Additionally to those fixes reported here, a lot of minor issues eg...

cPanel Filename Based Stored XSS < v76 Exploit

Usage Info Create a file as named with your payload in /home/user/logs directory or run the php exploit. + Title: cPanel Filename Based Stored XSS http://ip:2082/cpsessXXXXXXXXXX/frontend/THEME/raw/index.html '; else die'An error occured.'; else echo 'Enter your payload: " "...

man-cgi Local File Inclusion Vulnerability

Exploit for linux platform in category remote exploits man-cgi before 1.16 allows Local File Inclusion via absolute path traversal. If an Attacker provides a Filename as a Parameter e.g. https://example.org/cgi-bin/man-cgi?/etc/passwd the Script will read and return the local file. This is...

CVE-2018-1155

In SecurityCenter versions prior to 5.7.0, a cross-site scripting XSS issue could allow an authenticated attacker to inject JavaScript code into an image filename parameter within the Reports feature area. Properly updated input validation techniques have been implemented to correct this issue...

CVE-2018-1155

In SecurityCenter versions prior to 5.7.0, a cross-site scripting XSS issue could allow an authenticated attacker to inject JavaScript code into an image filename parameter within the Reports feature area. Properly updated input validation techniques have been implemented to correct this issue...

(Pwn2Own) Huawei Reader FileName Directory Traversal Privilege Escalation Vulnerability

This vulnerability allows local attackers to create arbitrary files on vulnerable installations of Huawei Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

Open-Xchange: store xss in calendar via upload filename

reproduce step 1.access url https://sandbox.open-xchange.com/appsuite/app=io.ox/calendar/scheduling 2.create appointment 3.upload file ,the file name with payload '"img src=x onerror=alertdocument.domain.svg' 4.access...

CVE-2018-3771

An XSS in statics-server = 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser...

GhostMail Filename To Link Script Insertion

Document Title: =============== GhostMail - filename to link POST Inject Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1471 Release Date: ============= 2018-06-26 Vulnerability Laboratory ID VL-ID: ====================================...

gnupg2: Improper sanitization of filenames allows for the display of fake status messages and the bypass of signature verification

A data validation flaw was found in the way gnupg processes file names during decryption and signature validation. An attacker may be able to inject messages into gnupg verbose message logging which may have the potential to bypass the integrity of signature authentication mechanisms and could ha...

gnupg2: Improper sanitization of filenames allows for the display of fake status messages and the bypass of signature verification

A data validation flaw was found in the way gnupg processes file names during decryption and signature validation. An attacker may be able to inject messages into gnupg verbose message logging which may have the potential to bypass the integrity of signature authentication mechanisms and could ha...

gnupg2 security update

2.0.22-5 - fix CVE-2018-12020 - missing sanitization of original filename...

gnupg2 security update

2.0.14-9 - fix CVE-2018-12020 - missing sanitization of original filename...