484 matches found

CNNVD
added 2023/04/17 12:0 a.m. | 3 views

gatsby path traversal vulnerability

gatsby is a software application. A free open source framework based on React that helps developers build extremely fast websites and applications. A path traversal vulnerability exists in gatsby, which stems from the presence of a path traversal vulnerability that can be exploited by an attacker...

4.3 CVSS | 5.1 AI score | 0.00882 EPSS
Exploits 1 | References 4

Packet Storm
added 2023/03/28 12:0 a.m. | 211 views

iBooking 1.0.8 Remote Shell Upload

Exploit Title: iBooking v1.0.8 - Arbitrary File Upload Exploit Author: d1z1n370/oPty Date: 01/11/2022 Vendor Homepage: https://codecanyon.net/item/ibooking-laravel-booking-system/30362088 Tested on: Linux Version: 1.0.8 Exploit Description: The application is prone to an arbitrary file-upload...

6.8 AI score
Exploits 0

Exploit DB
added 2023/03/28 12:0 a.m. | 137 views

iBooking v1.0.8 - Arbitrary File Upload

Exploit Title: iBooking v1.0.8 - Arbitrary File Upload Exploit Author: d1z1n370/oPty Date: 01/11/2022 Vendor Homepage: https://codecanyon.net/item/ibooking-laravel-booking-system/30362088 Tested on: Linux Version: 1.0.8 Exploit Description: The application is prone to an arbitrary file-upload...

7.4 AI score
Exploits 0

Prion
added 2023/03/20 8:15 p.m. | 31 views

Command injection

Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10...

1.7 CVSS | 5.4 AI score | 0.547 EPSS
Exploits 0 | References 4 | Affected Software 1

Prion
added 2023/03/09 6:15 p.m. | 60 views

Design/Logic Flaw

metersphere is an open source continuous testing platform. In versions prior to 2.7.1 a user who has permission to create a resource file through UI operations is able to append a path to their submission query which will be read by the system and displayed to the user. This allows a users of the...

4 CVSS | 6.4 AI score | 0.00858 EPSS
Exploits 1 | References 1 | Affected Software 1

OSV
added 2023/03/02 3:1 a.m. | 36 views

CVE-2023-25155 Integer Overflow in several Redis commands can lead to denial of service.

Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis...

5.5 CVSS | 4.5 AI score | 0.00902 EPSS
Exploits 0 | References 7

NVD
added 2023/02/08 9:15 p.m. | 34 views

CVE-2022-38778

A flaw (CVE-2022-38900) was discovered in one of Kibana’s third party dependencies, that could allow an authenticated user to perform a request that crashes the Kibana server process...

6.5 CVSS | 6.7 AI score | 0.0088 EPSS
Exploits 0 | References 2

Check Point Advisories
added 2022/11/17 12:0 a.m. | 6 views

Quest NetVault Backup NVBUJobCountHistory SQL Injection (CVE-2017-17420)

An SQL injection vulnerability exists in the Server Process Manager Service of Quest NetVault Backup. The vulnerability is due to improper validation of user-supplied input on JSON-RPC requests invoking the Get method of the NVBUJobCountHistory class. A remote unauthenticated attacker could explo...

7.5 CVSS | 2.5 AI score | 0.50036 EPSS
Exploits 0

ATTACKERKB
added 2022/11/12 5:15 a.m. | 2 views

CVE-2022-38650

A remote unauthenticated insecure deserialization vulnerability exists in VMware Hyperic Server 5.8.6. Exploitation of this vulnerability enables a malicious party to run arbitrary code or malware within Hyperic Server and the host operating system with the privileges of the Hyperic server proces...

10 CVSS | 6.1 AI score | 0.00822 EPSS
Exploits 0 | References 2

RedHat Linux
added 2022/11/08 9:30 a.m. | 2 views

redis: Malformed Lua script can crash Redis

A flaw was found in the Redis database when a malformed Lua script can cause a NULL pointer dereference. This flaw allows an attacker to load a crafting script, which results in a crash of the redis-server process...

5.5 CVSS | 7.1 AI score | 0.0148 EPSS
Exploits 1 | References 5

OSV
added 2022/11/08 12:0 a.m. | 27 views

ALSA-2022:7730 Moderate: libldb security, bug fix, and enhancement update

The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. The following packages have been upgraded to a later upstream version: libldb 2.5.2. BZ2077484 Security Fixes: samba: AD users can induce a use-after-free ...

5.4 CVSS | 7.7 AI score | 0.01025 EPSS
Exploits 0 | References 4

AlmaLinux
added 2022/11/08 12:0 a.m. | 31 views

Moderate: libldb security, bug fix, and enhancement update

The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. The following packages have been upgraded to a later upstream version: libldb 2.5.2. BZ2077484 Security Fixes: samba: AD users can induce a use-after-free ...

5.4 CVSS | 6.9 AI score | 0.01025 EPSS
Exploits 0 | References 4

ATTACKERKB
added 2022/10/03 3:15 p.m. | 4 views

CVE-2022-42300

An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server nbars process can be crashed resulting in a denial of service. Note: the watchdog service will automatically restart the process...

6.5 CVSS | 5.8 AI score | 0.00595 EPSS
Exploits 0 | References 2

ATTACKERKB
added 2022/07/19 5:15 p.m. | 4 views

CVE-2022-34001

Unit4 ERP through 7.9 allows XXE via ExecuteServerProcessAsynchronously...

6.5 CVSS | 5.9 AI score | 0.00674 EPSS
Exploits 1 | References 2

CNNVD
added 2022/07/19 12:0 a.m. | 4 views

Unit4 ERP code issue vulnerability

Unit4 ERP is an enterprise-class resource management platform from Unit4, Inc. A security vulnerability exists in Unit4 ERP 7.9 and prior versions that originates from an XXE attack allowed via Execute Server Process Asynchronously...

6.5 CVSS | 6.5 AI score | 0.00674 EPSS
Exploits 1 | References 2

OSV
added 2022/05/13 1:6 a.m. | 14 views

GHSA-44P8-C3WV-F28R Directory Traversal in Studio 42 elFinder

Studio 42 elFinder before 2.1.37 has a directory traversal vulnerability in elFinder.class.php with the zipdl function that can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process. NOTE: this issue...

9.1 CVSS | 9.2 AI score | 0.02963 EPSS
Exploits 0 | References 4

OSV
added 2022/05/13 1:6 a.m. | 12 views

GHSA-45X3-MW7Q-WF7F elFinder Path Traversal vulnerability

Studio 42 elFinder before 2.1.36 has a directory traversal vulnerability in elFinder.class.php with the zipdl function that can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process...

9.1 CVSS | 9 AI score | 0.02963 EPSS
Exploits 0 | References 5

RedhatCVE
added 2022/04/13 5:37 a.m. | 35 views

CVE-2022-24070

A use-after-free vulnerability was found in Subversion in the mod_dav_svn Apache HTTP server (HTTPd) module. While looking up path-based authorization (authz) rules, multiple calls to the post_config hook can invalidate cached pointers to object-pools, which Subversion subsequently uses. This issue...

7.5 CVSS | 7.5 AI score | 0.08757 EPSS
Exploits 0 | References 4

NVD
added 2022/04/12 5:15 p.m. | 23 views

CVE-2022-21155

A specially crafted packet sent to the Fernhill SCADA Server Version 3.77 and earlier may cause an exception, causing the server process FHSvrService.exe to exit...

7.5 CVSS | 0.01046 EPSS
Exploits 0 | References 1

Zero Day Initiative
added 2022/02/15 12:0 a.m. | 58 views

Microsoft SharePoint Chart Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of charts. Tampering with client-side data can trigger the...

8.8 CVSS | 8.8 AI score | 0.17209 EPSS
Exploits 0 | References 1