beep External Control Filename Path Vulnerability Vulnerability

beep is a command line tool for controlling the sound of speakers on Linux. A security vulnerability exists in the --device option in beep 1.3 and later versions. A local attacker can exploit this vulnerability to prohibit other users from executing arbitrary programs...

Cross site scripting

script.php in Jirafeau before 3.4.1 is affected by two stored Cross-Site Scripting XSS vulnerabilities. These are stored within the shared files description file and allow the execution of a JavaScript payload each time an administrator searches or lists uploaded files. These two injections could...

CVE-2018-11351

script.php in Jirafeau before 3.4.1 is affected by two stored Cross-Site Scripting XSS vulnerabilities. These are stored within the shared files description file and allow the execution of a JavaScript payload each time an administrator searches or lists uploaded files. These two injections could...

CVE-2018-11351

script.php in Jirafeau before 3.4.1 is affected by two stored Cross-Site Scripting XSS vulnerabilities. These are stored within the shared files description file and allow the execution of a JavaScript payload each time an administrator searches or lists uploaded files. These two injections could...

CVE-2018-11351

script.php in Jirafeau before 3.4.1 is affected by two stored Cross-Site Scripting XSS vulnerabilities. These are stored within the shared files description file and allow the execution of a JavaScript payload each time an administrator searches or lists uploaded files. These two injections could...

Directory Traversal

buttle is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of sanitization of filename, allowing directory traversal attacks...

CVE-2017-0912

Ubiquiti UCRM versions 2.5.0 to 2.7.7 are vulnerable to Stored Cross-site Scripting. Due to the lack sanitization, it is possible to inject arbitrary HTML code by manipulating the uploaded filename. Successful exploitation requires valid credentials to an account with "Edit" access to "Scheduling...

CVE-2017-0912

Ubiquiti UCRM versions 2.5.0 to 2.7.7 are vulnerable to Stored Cross-site Scripting. Due to the lack sanitization, it is possible to inject arbitrary HTML code by manipulating the uploaded filename. Successful exploitation requires valid credentials to an account with "Edit" access to "Scheduling...

OneFileCMS Arbitrary PHP Code Execution Vulnerability

OneFileCMS is a lightweight CMS system. The system runs on PHP and JavaScript and includes features such as document editing, file uploading and file management. A security vulnerability exists in the onefilecms.php file in OneFileCMS version 2012-04-14 and earlier. The vulnerability can be...

Unrestricted file upload

OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. This vulnerability leads to uploading arbitrary PHP code via a .php filename with the application/pdf Content-Type...

CVE-2018-12994

onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to execute arbitrary PHP code via a .php filename on the New File screen...

CVE-2018-12995

onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to execute arbitrary PHP code via a .php filename on the Upload screen...

Code injection

onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to execute arbitrary PHP code via a .php filename on the New File screen...

CVE-2018-12994

onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to execute arbitrary PHP code via a .php filename on the New File screen...

Directory traversal

WordPress through 4.9.6 allows Author users to execute arbitrary code by leveraging directory traversal in the wp-admin/post.php thumb parameter, which is passed to the PHP unlink function and can delete the wp-config.php file. This is related to missing filename validation in the...

SUSE-SU-2018:1814-1 Security update for gpg2

This update for gpg2 fixes the following security issue: - CVE-2018-12020: GnuPG mishandled the original filename during decryption and verification actions, which allowed remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the '--status-fd 2'...

Redatam7 path traversal vulnerability (CNVD-2018-17903)

Redatam 7 formerly known as Redatam WebServer is a computerized data processing system. The system is primarily used for processing and analyzing census, administrative records and national/regional data, among others. A directory traversal vulnerability exists in Redatam7. A remote attacker can...

Simplehttpserver Cross-Site Scripting Vulnerability

simplehttpserver is an HTTP file server. A cross-site scripting vulnerability exists in simplehttpserver, which stems from the program's lack of filename checksums. An attacker can exploit this vulnerability to inject arbitrary web script or HTML...

angular-http-server path traversal vulnerability

angular-http-server is an HTTP server for deploying single page applications. A path traversal vulnerability exists in angular-http-server, which stems from the program's lack of checksums on possibleFilename. An attacker can exploit this vulnerability to read the contents of an arbitrary file wi...

Updated gnupg gnupg2 packages fix a security vulnerability

Updated gnupg, gnupg2, and python-gnupg packages fix security vulnerability: Marcus Brinkmann discovered that during decryption or verification, GnuPG did not properly filter out terminal sequences when reporting the original filename. An attacker could use this to specially craft a file that wou...