SUSE CVE-2017-18918

An issue was discovered in Mattermost Server before 3.7.3 and 3.6.5. A System Administrator can place a SAML certificate at an arbitrary pathname...

CVE-2023-45880

GibbonEdu Gibbon through version 25.0.0 allows Directory Traversal via the report template builder. An attacker can create a new Asset Component. The templateFileDestination parameter can be set to an arbitrary pathname and extension. This allows creation of PHP files outside of the uploads...

Directory traversal

GibbonEdu Gibbon through version 25.0.0 allows Directory Traversal via the report template builder. An attacker can create a new Asset Component. The templateFileDestination parameter can be set to an arbitrary pathname and extension. This allows creation of PHP files outside of the uploads...

CVE-2022-29806

ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability...

CVE-2017-18918

An issue was discovered in Mattermost Server before 3.7.3 and 3.6.5. A System Administrator can place a SAML certificate at an arbitrary pathname...

Design/Logic Flaw

An issue was discovered in Mattermost Server before 3.7.3 and 3.6.5. A System Administrator can place a SAML certificate at an arbitrary pathname...

PT-2020-8464

Name of the Vulnerable Software and Affected Versions: Mattermost Server versions prior to 3.7.3 Mattermost Server versions prior to 3.6.5 Description: An issue was discovered in Mattermost Server. A System Administrator can place a SAML certificate at an arbitrary pathname. Recommendations: For...

SuSE 10 Security Update : fuse (ZYPP Patch Number 7418)

The following security issues were fixed in fuse : - FUSE allowed local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem. CVE-2010-3879 - Avoid mounting a directory...