CVE-2019-25097 soerennb eXtplorer Directory Content path traversal

A vulnerability was found in soerennb eXtplorer up to 2.1.12 and classified as critical. Affected by this issue is some unknown functionality of the component Directory Content Handler. The manipulation leads to path traversal. Upgrading to version 2.1.13 is able to address this issue. The name o...

CVE-2019-25097

CVE-2019-25097 affects soerennb eXtplorer up to version 2.1.12. The vulnerability is a path traversal flaw in the Directory Content Handler component, enabling traversal due to unknown internal functionality. A fix is available in version 2.1.13, with patch identifier b8fcb888f4ff5e171c16797a4b07...

eXtplorer 路径遍历漏洞

eXtplorer is a PHP-based file manager. A path traversal vulnerability exists in eXtplorer versions prior to 2.1.13, which stems from an issue with some unknown functionality of the component Directory Content Handler that can lead to path traversal...

PT-2023-11355 · Soerennb · Extplorer

Name of the Vulnerable Software and Affected Versions: soerennb eXtplorer versions up to 2.1.12 Description: A critical issue was found in the Directory Content Handler component, leading to path traversal due to manipulation of some unknown functionality. Upgrading to version 2.1.13 addresses th...

Apache Tika < 1.28.4, 2.4.x < 2.4.1 DoS Vulnerability

Apache Tika is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:tika";...

UBUNTU-CVE-2022-30973

We failed to apply the fix for CVE-2022-30126 to the 1.x branch in the 1.28.2 release. In Apache Tika, a regular expression in the StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only...

DEBIAN-CVE-2022-30126

In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standa...

CVE-2022-30126

In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standa...

The vulnerability of the PDFium web browser’s PDF-content handler allows attackers to compromise data integrity, gain unauthorized access to protected information, and cause service failures.

The vulnerability of the PDFium browser for processing PDF content in Google Chrome relates to the use of memory after deallocation. Exploiting this vulnerability allows an attacker to compromise data integrity, gain unauthorized access to protected information, and cause service failures through...

Security Bulletin: varying error codes allows detection of existing systems behind firewall

Summary A security vulnerability related to content handler URLs makes it possible to check if a system exists for example, behind a firewall. A different error code is returned for a systems that exist but are not accessible via the proxy functionality versus b systems that do not exist. Affecte...

MediaWiki cross-site scripting vulnerability (CNVD-2015-00070)

MediaWiki is a Wiki program that runs on a PHP+MySQL environment. A cross-site scripting vulnerability exists in MediaWiki versions prior to 1.19.22, 1.22.x prior to 1.22.14, and 1.23.x prior to 1.23.7 when $ wgContentHandlerUseDB is enabled. Allows remote attackers to conduct cross-site scriptin...