CVE · added 2021/01/19 3:20 p.m.

CVE-2020-4871

IBM Planning Analytics 2.0 is affected by CVE-2020-4871, an information-disclosure vulnerability in which web pages can be stored locally and read by another user on the same system. This could expose user data. CVSS 3.1 base score 5.5 (attack vector LOCAL, attack complexity LOW, user interaction NONE) with HIGH confiden...

CVSS 5.5 · AI score 5.3 · EPSS 0.00051
Exploits 0 · References 2 · Affected software 1
Positive Technologies · added 2021/01/05 12:00 a.m.

PT-2021-10097 · Apache · Apache Flink

Vulnerable software and affected versions: Apache Flink versions 1.11.0 through 1.11.2
Description: A change introduced in Apache Flink allows attackers to read any file on the local filesystem of the JobManager through the REST interface. Access is restricted to files accessible by t...

CVSS 9.4 · AI score 7.3 · EPSS 0.94331
Exploits 14 · References 65
HackerOne · added 2020/12/20 11:13 a.m.

TikTok: External SSRF and Local File Read via video upload due to vulnerable FFmpeg HLS processing

A local file disclosure vulnerability was found which an attacker could have used to upload a payload file via the TikTok website and potentially exfiltrate arbitrary local system files. We thank @ach for reporting this to our team and confirming the resolution. Summary: FFmpeg is a free and...

Exploits 0
Cvelist · added 2020/12/16 8:35 p.m.

CVE-2020-4906

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 allows web pages to be stored locally, where they can be read by another user on the system...

CVSS 4 · AI score 3.7 · EPSS 0.00048
Exploits 0 · References 2
CNNVD · added 2020/11/23 12:00 a.m.

October CMS Path Traversal Vulnerability

October CMS is an open-source content management system (CMS) based on PHP and the Laravel web application framework. A security vulnerability exists in October CMS versions prior to 1.0.421 and 1.0.469 that an attacker can exploit to read local files on the October CMS server via a...

CVSS 7.5 · AI score 7.1 · EPSS 0.01094
Exploits 0 · References 3
CNNVD · added 2020/11/16 12:00 a.m.

Lionwiki Security Vulnerabilities

LionWiki is a small wiki engine based on file templates, written in PHP by the LionWiki team. A security vulnerability exists in LionWiki versions prior to 3.2.12 that allows an unauthenticated user to read files as the web server user by crafting the value of the index.php f1 parameter, i.e. local fil...

CVSS 7.5 · AI score 7.1 · EPSS 0.79887
Exploits 1 · References 3
OSV · added 2020/11/09 11:15 p.m.

CVE-2020-27017

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to an XML External Entity (XXE) processing vulnerability that could allow an authenticated administrator to read arbitrary local files. An attacker must already have obtained product administrator/root privileges to...

CVSS 4.9 · AI score 5.9 · EPSS 0.00998
Exploits 2 · References 2
CVE · added 2020/11/09 8:25 p.m.

CVE-2020-4650

Summary: CVE-2020-4650 affects IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5 and 7.6.1.0, where web pages can be stored locally and read by another user on the same system. The core issue is a local-storage exposure in the web component, enabling access to locally stored pages. The NVD entry notes a...

CVSS 4 · AI score 3.4 · EPSS 0.00042
Exploits 0 · References 2 · Affected software 1
CNVD · added 2020/10/23 12:00 a.m.

BigBlueButton Server-Side Request Forgery Vulnerability

BigBlueButton is an open-source web conferencing system maintained by the BigBlueButton community. A server-side request forgery (SSRF) vulnerability exists in BigBlueButton versions prior to 2.2.7 that allows an attacker to read local files and perform SSRF via an uploaded Office document with a...

CVSS 6.5 · AI score 7.3 · EPSS 0.0395
Exploits 3 · References 1
OSV · added 2020/10/20 11:15 a.m.

CVE-2020-7749

This affects all versions of the package osm-static-maps. User input given to the package is passed directly to a template without escaping ({{{ ... }}}). As such, an attacker can inject arbitrary HTML/JS code and, depending on the context, it will be output as HTML on the page, which...

CVSS 7.6 · AI score 7.2 · EPSS 0.00477
Exploits 1 · References 3
NVD · added 2020/10/20 11:15 a.m.

CVE-2020-7749

This affects all versions of the package osm-static-maps. User input given to the package is passed directly to a template without escaping ({{{ ... }}}). As such, an attacker can inject arbitrary HTML/JS code and, depending on the context, it will be output as HTML on the page, which...

CVSS 7.6 · EPSS 0.00477
Exploits 1 · References 3
Prion · added 2020/10/20 11:15 a.m.

Design/Logic Flaw

This affects all versions of the package osm-static-maps. User input given to the package is passed directly to a template without escaping ({{{ ... }}}). As such, an attacker can inject arbitrary HTML/JS code and, depending on the context, it will be output as HTML on the page, which...

CVSS 6.5 · AI score 7.2 · EPSS 0.00477
Exploits 1 · References 3
CVE · added 2020/10/20 10:25 a.m.

CVE-2020-7749

The CVE-2020-7749 issue affects all versions of osm-static-maps where user input is passed directly to a template without escaping ({{{ ... }}}). This enables injection of arbitrary HTML/JS, leading to XSS in the rendered page and, in server contexts (e.g., Puppeteer), potential SSRF and Local Fi...

CVSS 7.6 · AI score 7.3 · EPSS 0.00477
Exploits 1 · References 3 · Affected software 1
Cvelist · added 2020/10/20 10:25 a.m.

CVE-2020-7749 Server-side Request Forgery (SSRF)

This affects all versions of the package osm-static-maps. User input given to the package is passed directly to a template without escaping ({{{ ... }}}). As such, an attacker can inject arbitrary HTML/JS code and, depending on the context, it will be output as HTML on the page, which...

CVSS 7.6 · AI score 7.3 · EPSS 0.00477
Exploits 1 · References 3
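The CVE-2020-7749 entries above all describe one defect: a Mustache/Handlebars-style triple-stash tag ({{{ ... }}}) emits user input as raw markup, and because the rendered page is then loaded by a headless browser on the server (the CVE entry names Puppeteer), injected tags can point at file:// paths and internal hosts rather than only producing XSS in a visitor's browser. The block below is an added example written for this listing; it is not code from osm-static-maps or from any of the listed sources. It uses a small single-pass renderer written here instead of a real template library, and the template text, the attribution field name and the constructed payload are assumptions.

```javascript
// Added example: why a raw "{{{ ... }}}" tag turns user input into markup.
// Not the osm-static-maps code; template, field name and payload are assumed.

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Contextual escaping for HTML text and double-quoted attribute values.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// One regex with two alternatives: triple-stash (raw) or double-stash (escaped).
// Doing both in a single pass matters: a raw-then-escaped two-pass renderer
// would re-expand tags that arrive inside user data.
const TAG_RE = /\{\{\{\s*(\w+)\s*\}\}\}|\{\{\s*(\w+)\s*\}\}/g;

function render(template, data) {
  return template.replace(TAG_RE, (match, rawKey, escapedKey) => {
    if (rawKey !== undefined) {
      return rawKey in data ? String(data[rawKey]) : '';
    }
    return escapedKey in data ? escapeHtml(data[escapedKey]) : '';
  });
}

// Hypothetical page fragment in the style of a static-map renderer.
// The vulnerable form uses the raw tag; the hardened form escapes.
const VULNERABLE_TEMPLATE = '<div class="attribution">{{{attribution}}}</div>';
const HARDENED_TEMPLATE = '<div class="attribution">{{attribution}}</div>';

// Constructed attacker input. When the output is loaded by a headless browser
// running on the server, the first tag is a local file read and the second an
// SSRF to an internal address; neither needs a victim user.
const ATTACK =
  '<iframe src="file:///etc/passwd"></iframe>' +
  '<img src="http://169.254.169.254/latest/meta-data/">';

function renderVulnerable(userInput) {
  return render(VULNERABLE_TEMPLATE, { attribution: userInput });
}

function renderHardened(userInput) {
  return render(HARDENED_TEMPLATE, { attribution: userInput });
}

// Cheap regression check: does any element from the input survive as a tag?
function containsInjectedTag(renderedHtml) {
  const inner = renderedHtml.replace(/^<div class="attribution">/, '').replace(/<\/div>$/, '');
  return /<\s*[a-z]/i.test(inner);
}

console.log('vulnerable:', renderVulnerable(ATTACK));
console.log('hardened:  ', renderHardened(ATTACK));
```

The advisory text says the input reaches the template "without escaping", so the hardened template is the escaped tag; escaping the value before it enters the template is equivalent. Escaping only closes the XSS/LFR path through the page itself; the headless browser should additionally be denied access to file:// and non-public hosts so that a second template bug cannot reopen the SSRF half.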
Prion · added 2020/09/18 6:15 p.m.

XXE

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The RSS To SMS module processes XML files in an unsafe manner. This opens the application to an XML External Entity attack that can be used to perform SSRF or read arbitrary local files...

CVSS 5 · AI score 7.4 · EPSS 0.00433
Exploits 1 · References 2 · Affected software 1
NVD · added 2020/09/15 2:15 p.m.

CVE-2020-4344

IBM Tivoli Business Service Manager 6.2.0.0 - 6.2.0.2 IF 1 allows web pages to be stored locally, where they can be read by another user on the system. IBM X-Force ID: 178247...

CVSS 4 · EPSS 0.00048
Exploits 0 · References 2
CVE · added 2020/08/27 12:40 p.m.

CVE-2020-4171

IBM Security Guardium Insights 2.0.1 contains a local-storage information-disclosure vulnerability in which web pages can be stored locally and read by other users on the same system. This is described in CVE-2020-4171 and is supported by vendor references (IBM Security Guardium Insights 2.0.1). Imp...

CVSS 4.3 · AI score 3.9 · EPSS 0.00137
Exploits 0 · References 2 · Affected software 1
RedHat Linux · added 2020/07/28 3:54 p.m.

jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the mysql gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS...

CVSS 7.5 · AI score 7.4 · EPSS 0.15179
Exploits 2 · References 4
Prion · added 2020/07/07 12:15 a.m.

Design/Logic Flaw

In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, arbitrary local file read is possible by defining unsafe window options on a child window opened via window.open. As a workaround, ensure you are calling event.preventDefault on all new-window events where the url or options is not...

CVSS 2.1 · AI score 7.3 · EPSS 0.0024
Exploits 0 · References 2 · Affected software 1
Cvelist · added 2020/07/07 12:05 a.m.

CVE-2020-4075 Arbitrary file read via window-open IPC in Electron

In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, arbitrary local file read is possible by defining unsafe window options on a child window opened via window.open. As a workaround, ensure you are calling event.preventDefault on all new-window events where the url or options is not...

CVSS 6.8 · AI score 7.3 · EPSS 0.0024
Exploits 0 · References 2