
92 matches found

Positive Technologies
added 2024/04/30 12:0 a.m. · 1 views

PT-2024-25226 · Unknown · Novel-Plus

Name of the Vulnerable Software and Affected Versions: novel-plus versions 4.3.0 and earlier. Description: The issue allows a remote attacker to obtain sensitive information via a crafted GET request using the filePath parameter. This enables the attacker to read arbitrary files, potentially leadi...

7.5 CVSS · 6.9 AI score · 0.00266 EPSS
Exploits 1 · References 4
CVE
added 2024/04/30 12:0 a.m. · 47 views

CVE-2024-33383

The CVE-2024-33383 case concerns novel-plus versions 4.3.0 and earlier, with an Arbitrary File Read via a crafted GET request that uses the filePath parameter to expose sensitive data. Affected component is the application’s filePath-handling path; root cause is improper validation/handling of fi...

7.5 CVSS · 6.3 AI score · 0.00266 EPSS
Exploits 1 · References 1 · Affected Software 1
CNNVD
added 2024/03/22 12:0 a.m. · 2 views

Tenda AC15 Security Vulnerability

Tenda AC15 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in October 2015, which supports the 802.11ac protocol with a theoretical transmission rate of 1900Mbps (600Mbps in the 2.4GHz band and 1300Mbps in the 5GHz band). Tenda AC15 suffers from a stack buffer overflow...

9.8 CVSS · 8.3 AI score · 0.00769 EPSS
Exploits 1 · References 4
OSV
added 2024/03/18 1:15 p.m. · 0 views

CVE-2024-28550

Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the filePath parameter of formExpandDlnaFile function...

4.3 CVSS · 5.8 AI score
Exploits 0 · References 1
Vulnrichment
added 2024/03/18 12:0 a.m. · 12 views

CVE-2024-28550

Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the filePath parameter of formExpandDlnaFile function...

7.3 AI score · 0.00082 EPSS
Exploits 1 · References 1
Cvelist
added 2024/03/18 12:0 a.m. · 9 views

CVE-2024-28550

Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the filePath parameter of formExpandDlnaFile function...

7.2 AI score · 0.00082 EPSS
Exploits 1 · References 1
CNNVD
added 2024/03/18 12:0 a.m. · 1 views

Tenda AC18 Security Vulnerability

Tenda AC18 is a router from Tenda, China. A security vulnerability exists in Tenda AC18 version V15.03.05.05, which originates from a stack overflow vulnerability in the filePath parameter of the formExpandDlnaFile function...

4.3 CVSS · 7.3 AI score · 0.00082 EPSS
Exploits 1 · References 2
Positive Technologies
added 2024/03/18 12:0 a.m. · 1 views

PT-2024-22456 · Tenda · Tenda Ac18

Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.05. Description: The issue is a stack overflow vulnerability in the filePath parameter of the formExpandDlnaFile function. Recommendations: For Tenda AC18 version 15.03.05.05, as a temporary workaround, consider...

4.3 CVSS · 7.3 AI score · 0.00082 EPSS
Exploits 1 · References 6
Veracode
added 2024/03/07 9:7 a.m. · 16 views

Improper Authorization

github.com/IceWhaleTech/CasaOS-UserService is vulnerable to Improper Authorization. The vulnerability is due to improper path filtering in the URL of user avatar image files. The regular expression used in the code snippet fails to sufficiently restrict access, allowing unauthorized actors to...

9.8 CVSS · 6.9 AI score · 0.00462 EPSS
Exploits 1 · References 3 · Affected Software 1
Positive Technologies
added 2024/02/07 12:0 a.m. · 1 views

PT-2024-20241 · Unknown · Novel-Plus

Name of the Vulnerable Software and Affected Versions: Novel-Plus versions 4.3.0-RC1 and prior. Description: An arbitrary file download issue exists, allowing an attacker to download files by passing specially crafted filePath and fileName parameters to the fileDownload function in the...

9.8 CVSS · 7 AI score · 0.00103 EPSS
Exploits 0 · References 6
ATTACKERKB
added 2022/09/15 8:15 p.m. · 1 views

CVE-2022-38325

Tenda AC15 WiFi Router V15.03.05.19multi and AC18 WiFi Router V15.03.05.19multi were discovered to contain a buffer overflow via the filePath parameter at /goform/expandDlnaFile...

9.8 CVSS · 6.1 AI score · 0.00459 EPSS
Exploits 1 · References 2
Positive Technologies
added 2022/09/15 12:0 a.m. · 4 views

PT-2022-24368 · Tenda · Tenda Ac18 Wifi Router +1

Name of the Vulnerable Software and Affected Versions: Tenda AC15 WiFi Router version V15.03.05.19 multi; Tenda AC18 WiFi Router version V15.03.05.19 multi. Description: A buffer overflow issue was discovered via the filePath parameter at the "/goform/expandDlnaFile" API endpoint. Recommendations:...

9.8 CVSS · 9.5 AI score · 0.00459 EPSS
Exploits 1 · References 4
CNNVD
added 2022/06/27 12:0 a.m. · 1 views

Album Lock Path Traversal Vulnerability

Album Lock is an application by individual developer Staral Wang. It is used to hide photos and videos. A path traversal vulnerability exists in Album Lock version 4.0, which stems from some unknown functionality of the file /getImage, where manipulation of the parameter filePaht leads to path traversal...

5.5 CVSS · 5.7 AI score · 0.00069 EPSS
Exploits 0 · References 4
NVD
added 2022/06/08 10:15 a.m. · 16 views

CVE-2022-0779

The User Meta WordPress plugin before 2.4.4 does not validate the filepath parameter of its um_show_uploaded_file AJAX action, which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads...

6.5 CVSS · 0.13663 EPSS
Exploits 5 · References 1
CVE
added 2022/06/06 8:50 a.m. · 81 views

CVE-2022-0779

CVE-2022-0779 affects the WordPress plugin User Meta (before 2.4.4). The vulnerability stems from the Ajax action um_show_uploaded_file not validating the filepath parameter, enabling a low-privilege user (e.g., subscriber) to perform path traversal and enumerate local server files. The Red Hat a...

6.5 CVSS · 6.3 AI score · 0.13663 EPSS
Exploits 5 · References 1 · Affected Software 1
Github Security Blog
added 2022/05/01 11:38 p.m. · 5 views

Alkacon Open CMS XSS via Logfile Viewer Settings function

Cross-site scripting (XSS) vulnerability in the Logfile Viewer Settings function in system/workplace/admin/workplace/logfileview/logfileViewSettings.jsp in Alkacon OpenCms 7.0.3 and 7.0.4 allows remote attackers to inject arbitrary web script or HTML via the filePath.0 parameter in a save action, a...

4.3 CVSS · 5.4 AI score · 0.00574 EPSS
Exploits 1 · References 4 · Affected Software 1
Veracode
added 2021/11/01 5:57 a.m. · 17 views

Remote Code Execution (RCE)

aaptjs is vulnerable to remote code execution. The add function in index.js does not properly sanitize user-provided data, allowing an attacker to provide malicious code via its filePath parameter...

9.8 CVSS · 5.7 AI score · 0.01119 EPSS
Exploits 1 · References 2 · Affected Software 1
CNVD
added 2021/11/01 12:0 a.m. · 13 views

aaptjs remote code execution vulnerability (CNVD-2021-84829)

aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the remove function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...

9.8 CVSS · 6.7 AI score · 0.01119 EPSS
Exploits 1 · References 1
CNVD
added 2021/11/01 12:0 a.m. · 13 views

aaptjs remote code execution vulnerability (CNVD-2021-84826)

aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the list function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...

9.8 CVSS · 6.6 AI score · 0.01119 EPSS
Exploits 1 · References 1
CNVD
added 2021/11/01 12:0 a.m. · 16 views

aaptjs remote code execution vulnerability (CNVD-2021-84832)

aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the singleCrunch function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...

9.8 CVSS · 6.6 AI score · 0.01119 EPSS
Exploits 1 · References 1