11 matches found
CVE-2025-69195
A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. A remote attacker can exploit this by providing a specially crafted...
EUVD-2006-2659
Malware in sbrugna...
EUVD-2019-5235
Malware in sbrugna...
EUVD-2015-5666
Malware in sbrugna...
EUVD-2012-2947
Malware in sbrugna...
CVE-2012-2969
Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to bypass intended restrictions on filename extensions for created files via a %00 sequence in a pathname within an HTTP request...
Mozilla Firefox Security Bypass Vulnerability (CNVD-2024-29334)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security bypass vulnerability exists in Mozilla Firefox, which can be exploited by an attacker to bypass filename restrictions during a save...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security bypass vulnerability exists in Mozilla Firefox, which can be exploited by an attacker to bypass filename restrictions during a save...
PT-2023-3523 · Microsoft · Office +1
Name of the Vulnerable Software and Affected Versions: Microsoft Office versions prior to the fixed version Description: The issue is related to errors in security settings, allowing a remote attacker to bypass existing security restrictions. The vulnerability can be exploited if a filename ends ...
Pluck Cross-Site Scripting Vulnerability
pluk is a simple content management system CMS written in PHP. A security vulnerability exists in versions prior to pluck 4.7.6, which stems from the program failing to properly restrict the character set for filenames. A remote attacker can exploit this vulnerability to inject arbitrary web scri...
USN-2572-1: PHP vulnerabilities
It was discovered that PHP incorrectly handled cleanup when used with Apache 2.4. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2015-3330 It was discovered that PHP incorrectly handled opening tar, zip or ph...