3 matches found
PT-2025-32402 · Unknown · Webpagetest
Name of the Vulnerable Software and Affected Versions: WebPageTest versions prior to 2.7 Description: WebPageTest versions 2.6 and earlier contain an arbitrary file upload flaw in the resultimage.php script. The application does not validate or sanitize user-supplied input before saving uploaded...
PT-2023-10012 · WordPress · Editorial Calendar Plugin
Name of the Vulnerable Software and Affected Versions: Editorial Calendar Plugin versions up to 2.6 Description: A critical issue has been found in the Editorial Calendar Plugin, affecting the function edcal filter where of the file edcal.php. The manipulation of the arguments edcal startDate and...
PT-2021-2689
Name of the Vulnerable Software and Affected Versions Apache Commons IO versions prior to 2.7 Description The issue is related to the FileNameUtils.normalize method in Apache Commons IO, which incorrectly handles directory traversal sequences such as "//../foo" or "..foo". This could allow a remo...