67 matches found

OSV
added 2023/09/04 5:19 p.m., 19 views

CVE-2023-41057 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in hyper-bump-it

hyper-bump-it is a command line tool for updating the version in project files. hyper-bump-it reads a file glob pattern from the configuration file. That is combined with the project root directory to construct a full glob pattern that is used to find files that should be edited. These matched fil...

CVSS: 5.5, AI score: 5.5, EPSS: 0.00336
Exploits: 1, References: 4
Github Security Blog
added 2023/09/04 5:2 p.m., 17 views

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in hyper-bump-it

Summary: hyper-bump-it reads a file glob pattern from the configuration file. That is combined with the project root directory to construct a full glob pattern that is used to find files that should be edited. These matched files should be contained within the project root directory, but that is n...

CVSS: 5.5, AI score: 6.8, EPSS: 0.00336
Exploits: 1, References: 4, Affected Software: 1
OSV
added 2023/09/04 5:2 p.m., 21 views

GHSA-XC27-F9Q3-4448 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in hyper-bump-it

Summary: hyper-bump-it reads a file glob pattern from the configuration file. That is combined with the project root directory to construct a full glob pattern that is used to find files that should be edited. These matched files should be contained within the project root directory, but that is n...

CVSS: 3.3, AI score: 5.4, EPSS: 0.00336
Exploits: 1, References: 4
OSV
added 2023/06/06 2:1 a.m., 3 views

GHSA-353F-5XF4-QW67 Vite Server Options (server.fs.deny) can be bypassed using double forward-slash (//)

The issue involves a security vulnerability in Vite where the server options can be bypassed using a double forward slash //. This vulnerability poses a potential security risk as it can allow unauthorized access to sensitive directories and files. Steps to Fix. Update Vite: Ensure that you are...

CVSS: 7.5, AI score: 7, EPSS: 0.03152
Exploits: 1, References: 6
Positive Technologies
added 2023/06/01 12:0 a.m., 2 views

PT-2023-24665

Name of the Vulnerable Software and Affected Versions: Vite versions prior to 2.9.16; Vite versions prior to 3.2.7; Vite versions prior to 4.0.5; Vite versions prior to 4.1.5; Vite versions prior to 4.2.3; Vite versions prior to 4.3.9. Description: The issue involves a security risk in Vite where the...

CVSS: 7.5, AI score: 7, EPSS: 0.03152
Exploits: 1, References: 11
0day.today
added 2006/10/21 12:0 a.m., 26 views

RSSonate (xml2rss.php) Remote File Include Exploit

Exploit for unknown platform in category web applications. RSSonate xml2rss.php Remote File Include Exploit. !/usr/bin/perl RSSonate remote Command Execution Vulnerabilities Risk : High Remote Code...

AI score: 7.1
Exploits: 0
exploitpack
added 2006/10/21 12:0 a.m., 12 views

Open Meetings Filing Application - Remote File Inclusion

Open Meetings Filing Application - Remote File Inclusion. Open Meetings Filing Application PROJECTROOT Remote File Include Vulnerability...

AI score: 7.5
Exploits: 0