
168 matches found

Debian CVE
added 2022/07/18 12:0 a.m. | 28 views

CVE-2022-2400

External Control of File Name or Path in GitHub repository dompdf/dompdf prior to 2.0.0...

CVSS 5.3 | AI score 6.5 | EPSS 0.00913
Exploits: 1

CNNVD
added 2022/05/03 12:0 a.m. | 3 views

Fortinet FortiClient Security Vulnerability

Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance, and two-factor authentication when connected to a FortiGate firewall appliance. A security vulnerability exists in Fortinet FortiClient...

CVSS 8.4 | AI score 7.4 | EPSS 0.00215
Exploits: 0 | References: 4

ATTACKERKB
added 2022/04/19 12:0 a.m. | 310 views

CVE-2022-1119

The Simple File List WordPress plugin is vulnerable to Arbitrary File Download via the eeFile parameter found in the /includes/ee-downloader.php file due to missing controls which makes it possible for unauthenticated attackers to supply a path to a file that will subsequently be downloaded, in...

CVSS 7.5 | AI score 7.5 | EPSS 0.19613
In wild | Exploits: 2 | References: 6

OSV
added 2021/07/09 2:15 p.m. | 4 views

CVE-2021-30118

An attacker can upload files with the privilege of the Web Server process for Kaseya VSA Unified Remote Monitoring & Management RMM 9.5.4.2149 and subsequently use these files to execute asp commands. The API /SystemTab/uploader.aspx is vulnerable to an unauthenticated arbitrary file upload leadin...

CVSS 9.8 | AI score 7.2 | EPSS 0.60084
Exploits: 1 | References: 4

BDU FSTEC
added 2021/05/24 12:0 a.m. | 4 views

The vulnerability of the Cisco Prime Infrastructure monitoring and management system, the Cisco Evolved Programmable Network (EPN) Manager software for managing network services, and the Cisco Identity Services Engine platform for managing connection policies arises from improper external control of file names or paths. This allows attackers to write arbitrary files.

The vulnerability of the Cisco Prime Infrastructure monitoring and management system, the Cisco Evolved Programmable Network EPN Manager software for managing network services, and the Cisco Identity Services Engine connection policy management platform is related to improper external manipulati...

CVSS 4.4 | AI score 5.5 | EPSS 0.00212
Exploits: 0 | References: 2 | Affected Software: 3

OSV
added 2021/02/23 5:15 p.m. | 5 views

CVE-2020-25161

The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator...

CVSS 8.8 | AI score 7.4 | EPSS 0.01509
Exploits: 0 | References: 1

Tenable Nessus
added 2020/07/02 12:0 a.m. | 24 views

Palo Alto Networks PAN-OS 7.1.x < 8.1.12 / 8.0.x < 8.1.12 / 8.1.x < 8.1.12 / 9.0.x < 9.0.6 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 7.1.x prior to 8.1.12 or 8.0.x prior to 8.1.12 or 8.1.x prior to 8.1.12 or 9.0.x prior to 9.0.6. It is, therefore, affected by a vulnerability. - An external control of path and data vulnerability in the Palo Alto Networks...

CVSS 9.8 | AI score 8.4 | EPSS 0.01334
Exploits: 0 | References: 3

VulnCheck KEV
added 2020/06/11 12:0 a.m. | 4 views

VulnCheck KEV: CVE-2019-7194

QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files...

CVSS 9.8 | AI score 7.3 | EPSS 0.82966
Exploits: 8 | References: 1

VulnCheck KEV
added 2020/06/11 12:0 a.m. | 2 views

VulnCheck KEV: CVE-2019-7195

QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files...

CVSS 9.8 | AI score 7.3 | EPSS 0.89681
Exploits: 9 | References: 1

BDU FSTEC
added 2020/05/26 12:0 a.m. | 3 views

The vulnerability of the FTP service (default ports 21/tcp and 5411/tcp), which is used by the SiNVR 3 video server, allows a hacker to gain access to protected information.

The vulnerability of the FTP service default ports 21/tcp and 5411/tcp of the SiNVR 3 video server is related to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor to gain access to protected information...

CVSS 8.5 | AI score 6.7 | EPSS 0.01812
Exploits: 0 | References: 2 | Affected Software: 1

OSV
added 2020/05/13 7:15 p.m. | 6 views

CVE-2020-2001

An external control of path and data vulnerability in the Palo Alto Networks PAN-OS Panorama XSLT processing logic that allows an unauthenticated user with network access to PAN-OS management interface to write attacker supplied file on the system and elevate privileges. This issue affects: All...

CVSS 9.8 | AI score 7.3 | EPSS 0.01334
Exploits: 0 | References: 1

Cvelist
added 2020/05/13 7:7 p.m. | 19 views

CVE-2020-2001 PAN-OS: Panorama External control of file vulnerability leads to privilege escalation

An external control of path and data vulnerability in the Palo Alto Networks PAN-OS Panorama XSLT processing logic that allows an unauthenticated user with network access to PAN-OS management interface to write attacker supplied file on the system and elevate privileges. This issue affects: All...

CVSS 8.1 | AI score 9.6 | EPSS 0.01334
Exploits: 0 | References: 1

CNVD
added 2019/12/06 12:0 a.m. | 3 views

QNAP Systems Photo Station File Name or Path External Control Vulnerability (CNVD-2020-09620)

QNAP Systems Photo Station is a photo management and viewing application from QNAP Systems. A file name or path external control vulnerability exists in QNAP Systems Photo Station, which can be exploited by remote attackers to access or modify system files...

CVSS 9.8 | AI score 9 | EPSS 0.82966
Exploits: 8 | References: 1

Tenable Nessus
added 2019/05/08 12:0 a.m. | 10 views

Mitsubishi QD75P4N Position Controller Detection

Binary data 754899.prm...

AI score 7.3
Exploits: 0

Tenable Nessus
added 2019/05/08 12:0 a.m. | 9 views

Mitsubishi QD75D2N Position Controller Detection

Binary data 754892.prm...

AI score 7.3
Exploits: 0

Tenable Nessus
added 2019/05/08 12:0 a.m. | 10 views

Mitsubishi QD75P1N Position Controller Detection

Binary data 754897.prm...

AI score 7.3
Exploits: 0

Tenable Nessus
added 2019/05/08 12:0 a.m. | 15 views

Mitsubishi QD75D4N Position Controller Detection

Binary data 754893.prm...

AI score 7.3
Exploits: 0

Tenable Nessus
added 2019/05/08 12:0 a.m. | 11 views

Mitsubishi QD75P2N Position Controller Detection

Binary data 754898.prm...

AI score 7.3
Exploits: 0

Tenable Nessus
added 2019/05/08 12:0 a.m. | 14 views

Mitsubishi QD75D1N Position Controller Detection

Binary data 754891.prm...

AI score 7.3
Exploits: 0

Prion
added 2019/04/22 11:29 a.m. | 13 views

Design/Logic Flaw

OpenKM 6.3.2 through 6.3.7 allows an attacker to upload a malicious JSP file into the /okm:root directories and move that file to the home directory of the site, via frontend/FileUpload and admin/repositoryexport.jsp. This is achieved by interfering with the Filesystem path control in the admin's...

CVSS 9 | AI score 7.5 | EPSS 0.14478
Exploits: 1 | References: 2 | Affected Software: 1