2184 matches found
CVE-2023-22901
ChangingTec MOTP system has a path traversal vulnerability. A remote attacker with administrator’s privilege can exploit this vulnerability to access arbitrary system files...
CVE-2023-28770
The sensitive information exposure vulnerability in the CGI “ExportLog” and the binary “zcmd” in Zyxel DX5401-B0 firmware versions prior to V5.17ABYO.1C0 could allow a remote unauthenticated attacker to read the system files and to retrieve the password of the supervisor from the encrypted file...
ChangingTec MOTP path traversal vulnerability
ChangingTec MOTP is a cell phone authentication software from the Chinese company ChangingTec. ChangingTec MOTP suffers from a path traversal vulnerability. A remote attacker can exploit this vulnerability to access arbitrary system files...
Zyxel DX5401-B0 security vulnerability
The Zyxel DX5401-B0 is a wireless enhancement device from China's Hopkins Zyxel. A security vulnerability exists in the Zyxel DX5401-B0 V5.17ABYO.1C0 firmware version, which originates from the exposure of sensitive information in CGI ExportLog and binary zcmd. An attacker can exploit this...
CVE-2023-22901 ChangingTec MOTP - Path Traversal
ChangingTec MOTP system has a path traversal vulnerability. A remote attacker with administrator’s privilege can exploit this vulnerability to access arbitrary system files...
CVE-2023-27105
A vulnerability in the Wi-Fi file transfer module of Shanling M5S Portable Music Player with Shanling MTouch OS v4.3 and Shanling M2X Portable Music Player with Shanling MTouch OS v3.3 allows attackers to arbitrarily read, delete, or modify any critical system files via directory traversal...
Directory traversal
A vulnerability in the Wi-Fi file transfer module of Shanling M5S Portable Music Player with Shanling MTouch OS v4.3 and Shanling M2X Portable Music Player with Shanling MTouch OS v3.3 allows attackers to arbitrarily read, delete, or modify any critical system files via directory traversal...
Shanling MTouch OS path traversal vulnerability
Shanling MTouch OS is a music player from Shanling, China. A security vulnerability exists in Shanling M5S Portable Music Player in Shanling MTouch OS v4.3 and Shanling M2X Portable Music Player in Shanling MTouch OS v3.3. An attacker can exploit the vulnerability to arbitrarily read, delete, or...
Contao path traversal vulnerability
Contao is an open source content management system CMS developed using PHP. The system supports search engines, rights management and CSS frameworks. A path traversal vulnerability exists in Contao versions prior to 4.9.40, 4.13.21, and 5.1.4. An attacker exploiting this vulnerability could list...
SAP NetWeaver AS ABAP Directory Traversal (3294595)
A directory traversal vulnerability exists in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allowing an attacker with non-administrative authorizations to exploit a directory traversal flaw in an...
CVE-2023-0006
A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system files from the endpoint with elevated privileges through a race condition...
Race condition
A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system files from the endpoint with elevated privileges through a race condition...
CVE-2023-29186
In SAP NetWeaver BI CONT ADDON - versions 707, 737, 747, 757, an attacker can exploit a directory traversal flaw in a report to upload and overwrite files on the SAP server. Data cannot be read but if a remote attacker has sufficient administrative privileges then potentially critical OS files ca...
SAP NetWeaver path traversal vulnerability
SAP NetWeaver is a set of integrated service-oriented application platform from SAP. SAP NetWeaver BI CONT ADDON has a directory traversal vulnerability, which can be exploited by remote attackers to submit special requests that can read system files in system context and obtain sensitive...
CVE-2023-0652
Due to a hardlink created in the ProgramData folder during the repair process of the software, the installer MSI of WARP Client for Windows <= 2022.12.582.0 allowed a malicious attacker to forge the destination of the hardlink and escalate privileges, overwriting SYSTEM protected files. As...
CVE-2023-0652 Local Privilege Escalation in Cloudflare WARP Installer (Windows)
Due to a hardlink created in the ProgramData folder during the repair process of the software, the installer MSI of WARP Client for Windows <= 2022.12.582.0 allowed a malicious attacker to forge the destination of the hardlink and escalate privileges, overwriting SYSTEM protected files. As...
CVE-2022-23522 Arbitrary File Write when Extracting Tarballs retrieved from a remote location using shutil.unpack_archive in mindsdb
MindsDB is an open source machine learning platform. An unsafe extraction is being performed using shutil.unpack_archive from a remotely retrieved tarball, which may lead to the writing of the extracted files to an unintended location. This vulnerability is sometimes called a TarSlip or a ZipSlip...
CVE-2023-28732
Missing access control in AnyMailing Joomla Plugin allows to list and access files containing sensitive information from the plugin itself and access to system files via path traversal, when being granted access to the campaign's creation on front-office. This issue affects AnyMailing Joomla Plug...