300 matches found
UBUNTU-CVE-2025-53964
GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows reading and modifying files when a user adds a crafted dictionary and then searches for any term included in that dictionary...
The vulnerability of the Command Execution function in the file manager for managing files and directories in the File Browser allows a hacker to gain access to read and modify files.
The vulnerability of the Command Execution function in the file manager and File Browser web manager is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read and modify files...
yaml-libyaml: LibYAML Perl File Modification Vulnerability
A flaw was found in yaml-libyaml. The component uses a two-argument open function when parsing YAML files, which allows an attacker to modify existing files on the system. This flaw allows a local attacker to provide a crafted YAML file as input. This issue can result in unauthorized modification...
CVE-2023-5751
A local attacker with low privileges can read and modify any users files and cause a DoS in the working directory of the affected products due to exposure of resource to wrong sphere...
CVE-2019-14397
cPanel before 80.0.5 allows demo accounts to modify arbitrary files via the extractfile API1 call SEC-496...
CVE-2001-1525
Directory traversal vulnerability in the comments action in easyNews 1.5 and earlier allows remote attackers to modify news.dat, template.dat and possibly other files via a ".." in the cid parameter...
CVE-1999-0308
HP-UX gwind program allows users to modify arbitrary files...
WordPress plugin WPMasterToolKit (WPMTK) – All in one plugin 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A path traversal vulnerability exists ...
SAP Adobe Document Service 代码问题漏洞
Adobe Document Service is a service provided by Adobe for processing documents, supporting PDF creation, editing and other functions. A code issue exists in Adobe Document Service that originates from a vulnerability that allows an attacker with administrator privileges to send a specially crafte...
CVE-2024-39581
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to External Parties vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to read, modify, and delete arbitrary files...
K000140865: Linux kernel vulnerability CVE-2023-45871
Security Advisory Description An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. CVE-2023-45871 Impact An attacker can exploit the vulnerability to access...
CVE-2024-39916 NFS server misconfiguration allows file access outside the exported directory
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. There is a security issue with the NFS configuration in /etc/exports generated by the installer that allows an attacker to modify files outside the export in the default installation. The exports have the...
WordPress plugin ARForms security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
The vulnerability of the Redmine DMSF plugin, a project and task management system, arises from incorrect restrictions on the path to the restricted catalog. This allows attackers to gain read, modify, or delete access to files.
The vulnerability of the Redmine DMSF plugin, a project and task management system, is related to an incorrect restriction on the path to the restricted catalog. Exploiting this vulnerability could allow a malicious actor to gain read, modify, or delete access to files...
CVE-2024-1683
A DLL injection vulnerability exists where an authenticated, low-privileged local attacker could modify application files on the TIE Secure Relay host, which could allow for overriding of the configuration and running of new Secure Relay services...
CVE-2023-5389
An attacker could potentially exploit this vulnerability, leading to the ability to modify files on Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC . This exploit could be used to write a file that may result in unexpected behavior based on configuration changes or updating of files...
CVE-2023-47702
IBM Security Guardium Key Lifecycle Manager 4.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view modify files on the system. IBM X-Force ID: 271196...
Code injection
IBM Security Guardium Key Lifecycle Manager 4.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view modify files on the system. IBM X-Force ID: 271196...
The vulnerability of the web portal of the microprogramming software for TP-Link Archer VR1600V (AC1600) allows a hacker to gain access to read, modify, or delete files, execute arbitrary commands, or trigger a service failure.
The vulnerability of the web-based software platform of TP-Link Archer VR1600V AC1600 wireless VoIP routers lies in the lack of measures to neutralize special elements used in the operating system’s processing of the variable XTPIfName. Exploiting this vulnerability can allow an attacker to gain...
CVE-2023-38544
A logged in user can modify specific files that may lead to unauthorized changes in system-wide configuration settings. This vulnerability could be exploited to compromise the integrity and security of the network on the affected system...