126 matches found
EUVD-2024-52190
Malicious code in bioql PyPI...
CVE-2025-6989
CVE-2025-6989 (KALLYAS theme for WordPress) is an authenticated (Contributor+) vulnerability in all versions up to 4.21.0 where delete_font() uses insufficient file-path validation, enabling an attacker to delete arbitrary folders on the server. The issue, with CVSS 3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:...
CVE-2025-6989 Kallyas <= 4.21.0 - Authenticated (Contributor+) Arbitrary Folder Deletion
The Kallyas theme for WordPress is vulnerable to arbitrary folder deletion due to insufficient file path validation in the deletefont function in all versions up to, and including, 4.21.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete...
Exploit for Link Following in Microsoft
Description This is PoC for CVE-2025-48799, an elevation of pr...
Nix、lix和GNU Guix 安全漏洞
GNU Guix is a product of the U.S. et all is a product of the U.S. GNU community. gnu guix is an open source, cross-platform program package manager. lix et all is a product of the lix open source. lix is a package manager. nix et all is a product of the nix open source. nix is a powerful package...
CVE-2024-53921
An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process...
CVE-2022-28778
Improper access control vulnerability in Samsung Security Supporter prior to version 1.2.40.0 allows attacker to set the arbitrary folder as Secret Folder without Samsung Security Supporter permission...
CVE-2022-28527
dhcms v20170919 was discovered to contain an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del...
CVE-2020-25873
A directory traversal vulnerability in the component system/manager/class/web/database.php was discovered in Baijiacms V4 which allows attackers to arbitrarily delete folders on the server via the "id" parameter...
Moodle 4.1.x < 4.1.3 Arbitrary Folder Creation
According to its self-reported version, the Moodle install hosted on the remote host is prior to 4.1.3. It is, therefore, affected by an Arbitrary Folder creation in TinyMCE. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported versi...
CVE-2024-6037
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows an attacker to create arbitrary folders at any location on the server, including the root directory C: dir. This can lead to uncontrolled resource consumption, resulting in resource exhaustion, denial of service DoS, server...
PT-2024-35976 · Samsung · Samsung Magician
Name of the Vulnerable Software and Affected Versions: Samsung Magician version 8.1.0 Description: An issue was discovered in the installer of Samsung Magician on Windows, allowing an attacker to create arbitrary folders in the system permission directory via a symbolic link during the installati...
CVE-2023-43078
Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folder deletion, which could lead to Privilege Escalation or Denial of Service...
CVE-2023-43078
Dell Dock Firmware and Dell Client Platform are affected by CVE-2023-43078 due to an Improper Link Resolution vulnerability during installation, which can lead to arbitrary folder deletion and potential Privilege Escalation or Denial of Service. Affected components include the Dell Dock Firmware ...
CVE-2023-43078
Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folder deletion, which could lead to Privilege Escalation or Denial of Service...
CVE-2024-6037 Arbitrary Folder Creation in gaizhenbiao/chuanhuchatgpt
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows an attacker to create arbitrary folders at any location on the server, including the root directory C: dir. This can lead to uncontrolled resource consumption, resulting in resource exhaustion, denial of service DoS, server...
CVE-2024-6037
The CVE-2024-6037 entry concerns gaizhenbiao/chuanhuchatgpt version 20240410. The connected documents provide concrete details: an attacker can create arbitrary folders anywhere on the server, including the root directory (for example, C: dir). This action leads to resource exhaustion and potenti...
CVE-2024-6037 Arbitrary Folder Creation in gaizhenbiao/chuanhuchatgpt
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows an attacker to create arbitrary folders at any location on the server, including the root directory C: dir. This can lead to uncontrolled resource consumption, resulting in resource exhaustion, denial of service DoS, server...
CVE-2024-34116 Adobe Creative Cloud App Install Arbitrary Folder Delete Vulnerability can be abuse to Privilege Escalation
Creative Cloud Desktop versions 6.1.0.587 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to load and execute malicious libraries, leading to arbitrary file delete...
CVE-2024-34116 Adobe Creative Cloud App Install Arbitrary Folder Delete Vulnerability can be abuse to Privilege Escalation
Creative Cloud Desktop versions 6.1.0.587 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to load and execute malicious libraries, leading to arbitrary file delete...