OpenText Content Suite Platform Security Vulnerability
OpenText Content Suite Platform is a top-of-the-line enterprise content management ECM system from OpenText. It can manage the entire enterprise information lifecycle, from capture to archiving and disposal. A security vulnerability exists in OpenText Content Suite Platform version 22.1, which...
PT-2023-16105 · Unknown · Velociraptor
Name of the Vulnerable Software and Affected Versions: Velociraptor versions prior to 0.6.7-5 Description: The issue allows a low privilege user to overwrite files on the server, including Velociraptor configuration files, due to the VQL copy function not checking for permission to write files. T...
Hewlett Packard Enterprise OfficeConnect Path Traversal Vulnerability
Hewlett Packard Enterprise OfficeConnect is a series of switches from Hewlett Packard Enterprise USA. A security vulnerability exists in Hewlett Packard Enterprise OfficeConnect. An attacker could exploit the vulnerability to read arbitrary files on the server running the application. The followi...
PT-2023-14580 · Axiell · Axiell Iguana Cms
Name of the Vulnerable Software and Affected Versions: Axiell Iguana CMS affected versions not specified Description: A Local File Inclusion issue has been found in Axiell Iguana CMS. The problem arises from insufficient neutralisation of user input on the url parameter in the "Proxy.type.php" an...
CVE-2022-4236
The Welcart e-Commerce WordPress plugin before 2.8.5 does not validate user input before using it to output the content of a file via an AJAX action available to any authenticated users, which could allow users with a role as low as subscriber to read arbitrary files on the server...
CVE-2022-4778
StreamX applications from versions 6.02.01 to 6.04.34 are affected by a path traversal vulnerability that allows authenticated users to get unauthorized access to files on the server's filesystem. StreamX applications using StreamView HTML component with the public web server feature activated ar...
PT-2022-27079 · Unknown · Simmeth Lieferantenmanager
Name of the Vulnerable Software and Affected Versions: Simmeth Lieferantenmanager versions prior to 5.6 Description: An issue was discovered that allows an attacker to download arbitrary files from the web server by abusing an API call to "/DS/LM API/api/ConfigurationService/GetImages" with an...
Welcart e-Commerce < 2.8.5 - Subscriber+ Arbitrary File Access
The plugin does not validate user input before using it to output the content of a file via an AJAX action available to any authenticated users, which could allow users with a role as low as subscriber to read arbitrary files on the server. PoC Run the below command in the developer console of th...
CVE-2022-4031
The Simple:Press plugin for WordPress is vulnerable to arbitrary file modifications in versions up to, and including, 6.8 via the 'file' parameter which does not properly restrict files to be edited in the context of the plugin. This makes it possible for attackers, with high-level permissions...
CVE-2022-4030
The Simple:Press plugin for WordPress is vulnerable to Path Traversal in versions up to, and including, 6.8 via the 'file' parameter which can be manipulated during user avatar deletion. This makes it possible for attackers, with minimal permissions such as a subscriber, to supply paths to...
WordPress plugin Simple:Press Path Traversal Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The WordPress plugin is an application plugin. WordPress plugin Simple:Press 6.8 and earlier versions have a path traversal vulnerability, which stems...
CVE-2022-3762
The Booster for WooCommerce WordPress plugin before 5.6.7, Booster Plus for WooCommerce WordPress plugin before 5.6.5, Booster Elite for WooCommerce WordPress plugin before 1.1.7 do not validate files to download in some of its modules, which could allow ShopManager and Admin to download arbitrar...
OpenCart SQL injection vulnerability
OpenCart 3.0.3.7 allows users to obtain database information or read server files through SQL injection in the background...
GHSA-236J-RFX5-WQ38 OpenCart SQL injection vulnerability
OpenCart 3.0.3.7 allows users to obtain database information or read server files through SQL injection in the background...
CVE-2021-37823
OpenCart 3.0.3.7 allows users to obtain database information or read server files through SQL injection in the background...
SQL injection
OpenCart 3.0.3.7 allows users to obtain database information or read server files through SQL injection in the background...
CVE-2022-3124
The Frontend File Manager Plugin WordPress plugin before 21.3 allows any unauthenticated user to rename uploaded files from users. Furthermore, due to the lack of validation in the destination filename, this could allow them to change the content of arbitrary files on the web server...
UBUNTU-CVE-2022-3124
The Frontend File Manager Plugin WordPress plugin before 21.3 allows any unauthenticated user to rename uploaded files from users. Furthermore, due to the lack of validation in the destination filename, this could allow them to change the content of arbitrary files on the web server...