CVE-2024-39722
An issue was discovered in Ollama before 0.1.46. Path traversal in the api/push route lets a caller learn which files exist on the server that hosts the deployment...
Directory Traversal
Nginx UI is vulnerable to Directory Traversal. The vulnerability is due to a controllable log path which, when combined with directory traversal at /api/configs, allows reading of directories and file contents on the server...
CVE-2024-48234
An issue was discovered in mipjz 5.0.5. In the push method of app\tag\controller\ApiAdminTag.php, the value of the postAddress parameter is not validated and is passed directly into curl_exec, whose output is returned to the caller, resulting in a Server-side request forgery (SSRF) vulnerability that can read server file...
CVE-2024-48232
An issue was found in mipjz 5.0.5. In the mipPost method of \app\setting\controller\ApiAdminTool.php, the value of the postAddress parameter is not validated and is passed directly into curl_exec, whose output is returned to the caller, resulting in a Server-side request forgery (SSRF) vulnerability that can read serv...
PT-2024-33043 · Mipjz · Mipjz
Name of the Vulnerable Software and Affected Versions: mipjz version 5.0.5 Description: A Server-side request forgery SSRF vulnerability exists due to the improper handling of the postAddress parameter in the mipPost method of the ApiAdminTool.php file. This allows an attacker to read server file...
CVE-2024-48234
The CVE-2024-48234 issue affects mipjz 5.0.5. In the push method of app\tag\controller\ApiAdminTag.php, the postAddress parameter is not validated and is passed directly to curl_exec, enabling server-side request forgery (SSRF) that can read server files. Red Hat and NVD entries confirm the same ...
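The three mipjz entries above share one root cause: a user-controlled URL (postAddress) handed straight to curl_exec, which happily follows file:// and other non-HTTP schemes and connects to loopback or intranet addresses. The following is an added example of the validation a practitioner would put in front of such a fetch; it is not mipjz code and the hostnames, IP addresses and the constructed_resolver lookup table are constructed for the demonstration so the block runs offline. The check rejects non-http(s) schemes, userinfo, and any hostname that resolves to a loopback, private, link-local, multicast or otherwise non-routable address, and it returns the vetted IP so the caller can connect to it directly rather than re-resolving (closing the DNS-rebinding window).

```python
import ipaddress
import socket
from urllib.parse import urlparse

ALLOWED_SCHEMES = {"http", "https"}


def is_public_ip(ip_text: str) -> bool:
    """True only for routable unicast addresses; the targets an SSRF aims at
    (loopback, RFC 1918, link-local such as 169.254.169.254, multicast) fail."""
    ip = ipaddress.ip_address(ip_text)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # ::ffff:127.0.0.1 is still loopback
    return ip.is_global and not (
        ip.is_private or ip.is_loopback or ip.is_link_local
        or ip.is_multicast or ip.is_reserved or ip.is_unspecified
    )


def resolve_outbound_target(url: str, resolver=socket.getaddrinfo) -> str:
    """Validate a user-supplied URL (the page's postAddress parameter) before any
    fetch. Returns the IP address the caller should connect to, or raises
    ValueError. Connecting to the returned IP (with the Host header set to the
    original hostname) instead of re-resolving avoids a DNS-rebinding race."""
    parsed = urlparse(url)
    scheme = parsed.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:            # rejects file://, gopher://, dict://, ...
        raise ValueError(f"scheme not allowed: {scheme!r}")
    host = parsed.hostname
    if not host:
        raise ValueError("URL has no host")
    if parsed.username or parsed.password:
        raise ValueError("userinfo in URL not allowed")
    port = parsed.port or (443 if scheme == "https" else 80)

    try:
        ipaddress.ip_address(host)               # literal IP: nothing to resolve
        addrs = [host]
    except ValueError:
        try:
            infos = resolver(host, port, proto=socket.IPPROTO_TCP)
        except OSError as exc:                   # socket.gaierror is an OSError
            raise ValueError(f"cannot resolve {host}: {exc}") from exc
        addrs = sorted({info[4][0] for info in infos})
    if not addrs:
        raise ValueError(f"no addresses for {host}")
    # Every address must pass: a name that maps to one public and one internal
    # address is still an SSRF vector.
    for addr in addrs:
        if not is_public_ip(addr):
            raise ValueError(f"{host} maps to non-public address {addr}")
    return addrs[0]


def is_allowed(url: str, resolver=socket.getaddrinfo) -> bool:
    """Boolean wrapper around resolve_outbound_target for callers that only gate."""
    try:
        resolve_outbound_target(url, resolver)
        return True
    except ValueError:
        return False


# Constructed DNS table so the example runs offline; no real lookups are made.
CONSTRUCTED_DNS = {
    "hooks.example.com": ["93.184.216.34"],
    "intranet.example": ["10.0.0.5"],
    "split.example": ["93.184.216.34", "192.168.1.10"],
}


def constructed_resolver(host, port, proto=0):
    """getaddrinfo-shaped stand-in backed by CONSTRUCTED_DNS (assumption: offline demo)."""
    if host not in CONSTRUCTED_DNS:
        raise socket.gaierror(f"constructed resolver: unknown host {host}")
    return [(socket.AF_INET, socket.SOCK_STREAM, proto, "", (ip, port))
            for ip in CONSTRUCTED_DNS[host]]


if __name__ == "__main__":
    for candidate in ("https://hooks.example.com/notify", "file:///etc/passwd",
                      "http://127.0.0.1/admin", "http://169.254.169.254/latest/meta-data/",
                      "http://[::ffff:127.0.0.1]/", "http://intranet.example/",
                      "http://split.example/"):
        verdict = "allowed" if is_allowed(candidate, constructed_resolver) else "rejected"
        print(f"{candidate:48} {verdict}")
```

Scheme filtering alone is not enough for a curl-backed fetch: curl follows redirects by default, so a public host can 302 to file:// or to 127.0.0.1. Disable redirects (or re-run this check on every hop) and pass the vetted IP to the connection rather than the hostname.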
SHIRASAGI vulnerable to path traversal
Overview SHIRASAGI, provided by SHIRASAGI Project, processes URLs in HTTP requests improperly, resulting in a path traversal vulnerability (CWE-22). Shogo Kumamaru of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
CVE-2024-46898
SHIRASAGI prior to v1.19.1 processes URLs in HTTP requests improperly, resulting in a path traversal vulnerability. If this vulnerability is exploited, arbitrary files on the server may be retrieved when processing crafted HTTP requests...
CVE-2024-46898
SHIRASAGI before v1.19.1 is vulnerable to a path traversal issue caused by improper handling of URLs in HTTP requests. The vulnerability may allow an attacker to retrieve arbitrary server files when processing crafted HTTP requests. Mitigation: upgrade to SHIRASAGI v1.19.1 (or later) as released ...
CVE-2024-45293
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. The security scanner responsible for preventing XXE attacks in the XLSX reader can be bypassed by slightly modifying the XML structure, utilizing white-spaces. On servers that allow users to upload their own Excel XLS...
XML External Entity (XXE) Injection
Overview phpoffice/phpspreadsheet is a spreadsheet engine that reads, creates and writes spreadsheet documents in PHP. Affected versions of this package are vulnerable to XML External Entity (XXE) Injection through the toUtf8 function in the XmlScanner.php file. An attacker can disclose server files...
XXE in PHPSpreadsheet's XLSX reader
Summary The security scanner responsible for preventing XXE attacks in the XLSX reader can be bypassed by slightly modifying the XML structure, utilizing white-spaces. On servers that allow users to upload their own Excel XLSX sheets, Server files and sensitive information can be disclosed by...
PhpSpreadsheet security vulnerability
PhpSpreadsheet is an open-source PHP library from PHPOffice for reading and writing spreadsheet files. A security vulnerability exists in PhpSpreadsheet: an attacker can exploit it to disclose server files and sensitive information by serving specially crafted worksheets...
Google Mesop security vulnerability
Google Mesop is a Python-based UI framework from Google, Inc. (USA). A security vulnerability exists in Google Mesop versions 0.9.0 up to, but not including, 0.12.4; it stems from insufficient input validation and could allow unauthorized access to files on the server...
PT-2024-27139 · WordPress · Web Directory Free Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: Web Directory Free WordPress plugin versions prior to 1.7.3 Description: The issue is related to a Local File Inclusion problem. It occurs because the plugin does not validate a parameter before using it in an include, which could lead to Loc...
mage-ai security vulnerability
mage-ai is the open-source Mage data pipeline tool, positioned as a modern replacement for Airflow. A path traversal vulnerability in mage-ai allows a remote user holding the Viewer role to leak arbitrary files from a Mage server via a Pipeline Interaction request...
CVE-2024-43011
An arbitrary file deletion vulnerability exists in the admin/del.php file at line 62 in ZZCMS 2023 and earlier. Due to insufficient validation and sanitization of user input for file paths, an attacker can exploit this vulnerability by using directory traversal techniques to delete arbitrary file...
ZZCMS security vulnerability
ZZCMS is a content management system (CMS) from the ZZCMS team in China. A directory traversal vulnerability exists in ZZCMS 2023 and earlier versions; it stems from insufficient validation and filtering of user-supplied file paths and can be exploited by an attacker to delete arbitrary...
WordPress plugin Element Pack Elementor Addons security vulnerability
WordPress and its plugins are products of the WordPress Foundation. WordPress is a blogging platform written in PHP that supports setting up personal blog sites on servers with PHP and MySQL; a WordPress plugin is an add-on application for it. A security vulnerability...