19 matches found
EUVD-2020-11184
Malware in sbrugna...
EUVD-2022-2707
Malicious code in bioql PyPI...
CVE-2020-19279
Directory Traversal vulnerability found in B3log Wide allows a an attacker to escalate privileges via symbolic links...
CVE-2019-13915
b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink into a ZIP archive. ...
GO-2023-1924 b3log Wide unauthenticated file access in github.com/b3log/wide
b3log Wide unauthenticated file access in github.com/b3log/wide...
CVE-2020-19279
Directory Traversal vulnerability found in B3log Wide allows a an attacker to escalate privileges via symbolic links...
Directory traversal
Directory Traversal vulnerability found in B3log Wide allows a an attacker to escalate privileges via symbolic links...
PT-2023-11519 · Unknown · B3Log Wide
Name of the Vulnerable Software and Affected Versions: B3log Wide affected versions not specified Description: A Directory Traversal vulnerability was found, allowing an attacker to escalate privileges via symbolic links. Recommendations: At the moment, there is no information about a newer versi...
CVE-2020-19279
Directory Traversal vulnerability found in B3log Wide allows a an attacker to escalate privileges via symbolic links...
b3log Wide 路径遍历漏洞
b3log Wide is a web-based integrated development environment IDE for the Go language. A security vulnerability exists in B3log Wide that stems from the program allowing an attacker to elevate privileges via symbolic links...
CVE-2020-19279
Directory Traversal vulnerability found in B3log Wide allows a an attacker to escalate privileges via symbolic links...
CVE-2020-19279
Summary (CVE-2020-19279) : The vulnerability is reported in B3log Wide (a web-based IDE) as a directory traversal that allows escalation of privileges through symbolic links. The connected sources consistently describe this as a privilege-escalation path via symbolic link handling. There is no cl...
b3log Wide unauthenticated file access
b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink into a ZIP archive. ...
GHSA-6452-JR93-R5QM b3log Wide unauthenticated file access
b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink into a ZIP archive. ...
Design/Logic Flaw
b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink into a ZIP archive. ...
CVE-2019-13915
b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink into a ZIP archive. ...
CVE-2019-13915
CVE-2019-13915 : In b3log Wide, prior to version 1.6.0, three attack types enable arbitrary file read/write. 1) An attacker can insert and run code in the editor about three times to read an arbitrary file. 2) An attacker can create a symlink and place it in a ZIP archive; an unzip operation gran...
b3log Wide Arbitrary File Read/Write Vulnerability
b3log Wide is a set of Web-based Go language integrated development environment IDE . An arbitrary file read/write vulnerability exists in versions of b3log Wide prior to 1.6.0, which can be exploited by an attacker to access arbitrary files...
PT-2019-13474 · B3Log · B3Log Wide
Name of the Vulnerable Software and Affected Versions: b3log Wide versions prior to 1.6.0 Description: The issue allows an attacker to access arbitrary files through three types of attacks. First, an attacker can write and execute code in the editor to read arbitrary files. Second, an attacker ca...