205 matches found
DevDojo Voyager <=1.8.0 - Arbitrary File Read
DevDojo Voyager through 1.8.0 is vulnerable to path traversal at the /admin/compass. id: CVE-2024-55415 info: name: DevDojo Voyager =1.8.0 - Arbitrary File Read author: iamnoooob,rootxharsh,pdresearch severity: high description: | DevDojo Voyager through 1.8.0 is vulnerable to path traversal at t...
DevDojo Voyager <= 1.8.0 - Arbitrary File Write vulnerability
DevDojo Voyager through version 1.8.0 is vulnerable to bypassing the file type verification when an authenticated user uploads a file via /admin/media/upload. An authenticated user can upload a web shell causing arbitrary code execution on the server. id: CVE-2024-55417 info: name: DevDojo Voyage...
PT-2026-44925
The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password...
CVE-2018-25252
FTP Voyager 16.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by injecting oversized buffer data into the site profile IP field. Attackers can create a malicious site profile containing 500 bytes of repeated characters and paste it into the IP...
CVE-2018-25252
FTP Voyager 16.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by injecting oversized buffer data into the site profile IP field. Attackers can create a malicious site profile containing 500 bytes of repeated characters and paste it into the IP...
CVE-2018-25252
The CVE-2018-25252 entry concerns FTP Voyager 16.2.0, where a denial-of-service condition arises from a buffer overflow caused by injecting oversized data into the site profile IP field. Attackers can craft a site profile containing about 500 bytes of repeated characters and paste it into the IP ...
CVE-2018-25252 FTP Voyager 16.2.0 Denial of Service via Malformed Site Profile
FTP Voyager 16.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by injecting oversized buffer data into the site profile IP field. Attackers can create a malicious site profile containing 500 bytes of repeated characters and paste it into the IP...
CVE-2018-25252 FTP Voyager 16.2.0 Denial of Service via Malformed Site Profile
FTP Voyager 16.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by injecting oversized buffer data into the site profile IP field. Attackers can create a malicious site profile containing 500 bytes of repeated characters and paste it into the IP...
PT-2026-30372
FTP Voyager 16.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by injecting oversized buffer data into the site profile IP field. Attackers can create a malicious site profile containing 500 bytes of repeated characters and paste it into the IP...
SolarWinds FTP Voyager 缓冲区错误漏洞
SolarWinds FTP Voyager is an FTP client software developed by the American company SolarWinds. Version 16.2.0 of SolarWinds FTP Voyager contains a buffer overflow vulnerability. This vulnerability arises from improper handling of data in the IP field of the site configuration file. It is possible...
📄 Voyager 1.8.0 Arbitrary File Upload
Voyager version 1.8.0 has an issue where an attacker with minimal privileges any role allowed to upload images in a Rich Text Box can upload a polyglot file masquerading as an image while embedding server-side executable code...
CVE-2020-37214
Voyager 1.3.0 contains a directory traversal vulnerability that allows attackers to access sensitive system files by manipulating the asset path parameter. Attackers can exploit the path parameter in /admin/voyager-assets to read arbitrary files like /etc/passwd and .env configuration files...
CVE-2020-37214
Voyager 1.3.0 contains a directory traversal vulnerability that allows attackers to access sensitive system files by manipulating the asset path parameter. Attackers can exploit the path parameter in /admin/voyager-assets to read arbitrary files like /etc/passwd and .env configuration files...
CVE-2020-37214
Voyager 1.3.0 contains a directory traversal vulnerability that allows attackers to access sensitive system files by manipulating the asset path parameter. Attackers can exploit the path parameter in /admin/voyager-assets to read arbitrary files like /etc/passwd and .env configuration files...
CVE-2020-37214 Voyager 1.3.0 - Directory Traversal
Voyager 1.3.0 contains a directory traversal vulnerability that allows attackers to access sensitive system files by manipulating the asset path parameter. Attackers can exploit the path parameter in /admin/voyager-assets to read arbitrary files like /etc/passwd and .env configuration files...
CVE-2020-37214
CVE-2020-37214 affects Voyager 1.3.0 and is a directory traversal vulnerability in the asset path parameter used by the /admin/voyager-assets endpoint, allowing an attacker to read arbitrary files such as /etc/passwd and .env. The provided metrics show a high impact with both CVSS 3.1 (base score...
CVE-2020-37214 Voyager 1.3.0 - Directory Traversal
Voyager 1.3.0 contains a directory traversal vulnerability that allows attackers to access sensitive system files by manipulating the asset path parameter. Attackers can exploit the path parameter in /admin/voyager-assets to read arbitrary files like /etc/passwd and .env configuration files...
PT-2026-7712
Voyager 1.3.0 contains a directory traversal vulnerability that allows attackers to access sensitive system files by manipulating the asset path parameter. Attackers can exploit the path parameter in /admin/voyager-assets to read arbitrary files like /etc/passwd and .env configuration files...
Voyager 路径遍历漏洞
Voyager is an application developed by David Borland personally. Version 1.3.0 of Voyager contains a path traversal vulnerability, which arises from improper handling of file path parameters, potentially leading to path traversal attacks...
EUVD-2001-0299
Malware in sbrugna...