168 matches found
CVE-2022-2400
External Control of File Name or Path in GitHub repository dompdf/dompdf prior to 2.0.0...
Fortinet FortiClient Security Vulnerability
Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance, and two-factor authentication when connected to a FortiGate firewall appliance. A security vulnerability exists in Fortinet FortiClient...
CVE-2022-1119
The Simple File List WordPress plugin is vulnerable to Arbitrary File Download via the eeFile parameter found in the /includes/ee-downloader.php file due to missing controls, which makes it possible for unauthenticated attackers to supply a path to a file that will subsequently be downloaded, in...
CVE-2021-30118
An attacker can upload files with the privilege of the Web Server process for Kaseya VSA Unified Remote Monitoring & Management (RMM) 9.5.4.2149 and subsequently use these files to execute asp commands. The api /SystemTab/uploader.aspx is vulnerable to an unauthenticated arbitrary file upload leadin...
The vulnerability of the Cisco Prime Infrastructure monitoring and management system, the Cisco Evolved Programmable Network (EPN) Manager software for managing network services, and the Cisco Identity Services Engine platform for managing connection policies arises from improper external control of file names or paths. This allows attackers to write arbitrary files.
The vulnerability of the Cisco Prime Infrastructure monitoring and management system, the Cisco Evolved Programmable Network (EPN) Manager software for managing network services, and the Cisco Identity Services Engine connection policy management platform is related to improper external manipulati...
CVE-2020-25161
The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator...
Palo Alto Networks PAN-OS 7.1.x < 8.1.12 / 8.0.x < 8.1.12 / 8.1.x < 8.1.12 / 9.0.x < 9.0.6 Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is 7.1.x prior to 8.1.12 or 8.0.x prior to 8.1.12 or 8.1.x prior to 8.1.12 or 9.0.x prior to 9.0.6. It is, therefore, affected by a vulnerability. - An external control of path and data vulnerability in the Palo Alto Networks...
VulnCheck KEV: CVE-2019-7194
QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files...
VulnCheck KEV: CVE-2019-7195
QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files...
The vulnerability of the FTP service (default ports 21/tcp and 5411/tcp), which is used by the SiNVR 3 video server, allows a hacker to gain access to protected information.
The vulnerability of the FTP service (default ports 21/tcp and 5411/tcp) of the SiNVR 3 video server is related to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor to gain access to protected information...
CVE-2020-2001
An external control of path and data vulnerability in the Palo Alto Networks PAN-OS Panorama XSLT processing logic that allows an unauthenticated user with network access to PAN-OS management interface to write attacker supplied file on the system and elevate privileges. This issue affects: All...
CVE-2020-2001 PAN-OS: Panorama External control of file vulnerability leads to privilege escalation
An external control of path and data vulnerability in the Palo Alto Networks PAN-OS Panorama XSLT processing logic that allows an unauthenticated user with network access to PAN-OS management interface to write attacker supplied file on the system and elevate privileges. This issue affects: All...
QNAP Systems Photo Station File Name or Path External Control Vulnerability (CNVD-2020-09620)
QNAP Systems Photo Station is a photo management and viewing application from QNAP Systems. A file name or path external control vulnerability exists in QNAP Systems Photo Station, which can be exploited by remote attackers to access or modify system files...
Mitsubishi QD75P4N Position Controller Detection
Binary data 754899.prm...
Mitsubishi QD75D2N Position Controller Detection
Binary data 754892.prm...
Mitsubishi QD75P1N Position Controller Detection
Binary data 754897.prm...
Mitsubishi QD75D4N Position Controller Detection
Binary data 754893.prm...
Mitsubishi QD75P2N Position Controller Detection
Binary data 754898.prm...
Mitsubishi QD75D1N Position Controller Detection
Binary data 754891.prm...
Design/Logic Flaw
OpenKM 6.3.2 through 6.3.7 allows an attacker to upload a malicious JSP file into the /okm:root directories and move that file to the home directory of the site, via frontend/FileUpload and admin/repositoryexport.jsp. This is achieved by interfering with the Filesystem path control in the admin's...