3 matches found
CVE-2018-7664
An issue was discovered in ClipBucket before 4.0.0 Release 4902. Any OS commands can be injected via shell metacharacters in the filename parameter to /api/fileuploader.php or /actions/filedownloader.php...
CVE-2018-7664
CVE-2018-7664 affects ClipBucket before 4.0.0 Release 4902. An OS command injection is possible via shell metacharacters in the file_name parameter to /api/file_uploader.php or /actions/file_downloader.php, enabling execution of arbitrary commands on the server. CVSS v3 base score 9.8 (CRITICAL);...
ClipBucket <= 4.0.0 Multiple Vulnerabilities
ClipBucket is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oxygenz:clipbucket"; if...