164 matches found
EUVD-2025-21128
Malicious code in bioql PyPI...
EUVD-2024-52190
Malicious code in bioql PyPI...
EUVD-2025-31598
Malicious code in bioql PyPI...
EUVD-2023-43862
Malicious code in bioql PyPI...
EUVD-2023-34966
Malicious code in bioql PyPI...
CVE-2025-56807
CVE-2025-56807 affects FairSketch RISE Ultimate Project Manager & CRM (v3.9.4). The vulnerability is a Stored XSS in the File Manager/File Explorer utilized when creating new folders: the title parameter is not properly sanitized, allowing an attacker (with admin privileges as per description) to...
CVE-2024-53921
An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process...
CVE-2022-40142
A security link following local privilege escalation vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service agents could allow a local attacker to create a writable folder in an arbitrary location and escalate privileges on affected installations. Please note: an attacker mus...
CVE-2020-21056
Directory Traversal vulnerability exists in FusionPBX 4.5.7, which allows a remote malicious user to create folders via the folder variale to app\edit\foldernew.php...
Moodle 4.1.x < 4.1.3 Arbitrary Folder Creation
According to its self-reported version, the Moodle install hosted on the remote host is prior to 4.1.3. It is, therefore, affected by an Arbitrary Folder creation in TinyMCE. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported versi...
CVE-2024-6037
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows an attacker to create arbitrary folders at any location on the server, including the root directory C: dir. This can lead to uncontrolled resource consumption, resulting in resource exhaustion, denial of service DoS, server...
PT-2024-35976 · Samsung · Samsung Magician
Name of the Vulnerable Software and Affected Versions: Samsung Magician version 8.1.0 Description: An issue was discovered in the installer of Samsung Magician on Windows, allowing an attacker to create arbitrary folders in the system permission directory via a symbolic link during the installati...
PT-2024-39880 · Ivanti · Ivanti Secure Access Client
Name of the Vulnerable Software and Affected Versions: Ivanti Secure Access Client versions prior to 22.7R4 Description: The issue allows a local authenticated attacker to create arbitrary folders due to incorrect permissions. Recommendations: For versions prior to 22.7R4, update to version 22.7R...
CVE-2024-42481 Complete crash of host system due to calculateDirectorySize in skyportd
Skyport Daemon skyportd is the daemon for the Skyport Panel. By making thousands of folders & files easy due to skyport's lack of rate limiting on createFolder. createFile, skyportd in a lot of cases will cause 100% CPU usage and an OOM, probably crashing the system. This is fixed in 0.2.2...
CVE-2024-6037 Arbitrary Folder Creation in gaizhenbiao/chuanhuchatgpt
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows an attacker to create arbitrary folders at any location on the server, including the root directory C: dir. This can lead to uncontrolled resource consumption, resulting in resource exhaustion, denial of service DoS, server...
CVE-2024-6037 Arbitrary Folder Creation in gaizhenbiao/chuanhuchatgpt
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows an attacker to create arbitrary folders at any location on the server, including the root directory C: dir. This can lead to uncontrolled resource consumption, resulting in resource exhaustion, denial of service DoS, server...
CVE-2024-6037
The CVE-2024-6037 entry concerns gaizhenbiao/chuanhuchatgpt version 20240410. The connected documents provide concrete details: an attacker can create arbitrary folders anywhere on the server, including the root directory (for example, C: dir). This action leads to resource exhaustion and potenti...
CVE-2024-6037 Arbitrary Folder Creation in gaizhenbiao/chuanhuchatgpt
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows an attacker to create arbitrary folders at any location on the server, including the root directory C: dir. This can lead to uncontrolled resource consumption, resulting in resource exhaustion, denial of service DoS, server...
PT-2024-37335 · Unknown · Gaizhenbiao/Chuanhuchatgpt
Name of the Vulnerable Software and Affected Versions: gaizhenbiao/chuanhuchatgpt version 20240410 Description: A vulnerability allows an attacker to create arbitrary folders at any location on the server, including the root directory. This can lead to uncontrolled resource consumption, resulting...
Node.js Module node-tar < 6.2.1 DoS
In the nodejs module node-tar prior to version 6.2.1, there is no validation of the number of folders created while unpacking a file. As a result, an attacker can use a malicious file to exhaust the CPU and memory on the host and crash the nodejs client. Note that Nessus has not tested for these...