NUUO Camera 安全漏洞

NUUO Camera is a series of webcams. A security vulnerability exists in NUUO Camera 20240319 and earlier versions, which stems from a Denial of Service DOS vulnerability in the parameter filename of the file /deletefile.php...

PT-2023-29471 · Huddly · Huddlycameraservice

Name of the Vulnerable Software and Affected Versions: Huddly HuddlyCameraService versions prior to 8.0.7, excluding version 7.99 Description: An issue in HuddlyCameraService allows attackers to manipulate files and escalate privileges via the RollingFileAppender.DeleteFile method performed by th...

PT-2022-28064 · Flatpress · Flatpress

Name of the Vulnerable Software and Affected Versions: FlatPress affected versions not specified Description: A critical issue was found in FlatPress, affecting the function doItemActions of the file fp-plugins/mediamanager/panels/panel.mediamanager.file.php of the component File Delete Handler...

Denial Of Service (DoS)

github.com/casdoor/casdoor is vulnerable to denial of service. The vulnerability exists in the DeleteFile function of storage.go due to arbitrary file deletion via uploadFile which allows an attacker to delete arbitrary files in the system...

CVE-2021-44127

In DLink DAP-1360 F1 firmware version =v6.10 in the "webupg" binary, an attacker can use the "file" parameter to execute arbitrary system commands when the parameter is "name=deleteFile" after being authorized...

D-Link DAP-1360 安全漏洞

The D-Link DAP-1360 is a router from D-Link, a Chinese company. A security vulnerability exists in the DLink DAP-1360 F1 firmware, which stems from the fact that an attacker can execute arbitrary system commands with the name=deleteFile parameter, after authorization, using the file parameter to...

Maxsite CMS arbitrary file deletion vulnerability

MaxSite CMS is a web content management system of the Russian MaxSite CMS open source project . Maxsite CMS has arbitrary file deletion vulnerability , the vulnerability stems from all-files-update-ajax.php in the dir and deletefile parameters for the file name lack of validation , the attacker c...

MaxSite CMS 路径遍历漏洞

MaxSite CMS is a web content management system of the Russian MaxSite CMS open source project . Maxsite CMS has arbitrary file deletion vulnerability , the vulnerability stems from all-files-update-ajax.php in the dir and deletefile parameters for the file name lack of validation , the attacker c...

CVE-2021-21891

A stack-based buffer overflow vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 in QEMU. A specially crafted HTTP request can lead to remote code execution in the vulnerable portion of the branch deletefile. An attacker can make an...

CVE-2020-22761

Cross Site Request Forgery CSRF vulnerability in FlatPress 1.1 via the DeleteFile function in flat/admin.php...

CVE-2020-22761

Cross Site Request Forgery CSRF vulnerability in FlatPress 1.1 via the DeleteFile function in flat/admin.php...

Cross site request forgery (csrf)

Cross Site Request Forgery CSRF vulnerability in FlatPress 1.1 via the DeleteFile function in flat/admin.php...

FlatPress cross-site request forgery vulnerability

FlatPress is a lightweight, easy-to-setup blogging engine. flatPress version 1.1 is vulnerable to cross-site request forgery. An attacker can use the DeleteFile function in flat/admin.php to conduct a cross-site request forgery attack...

Flatpress 跨站请求伪造漏洞

FlatPress is a lightweight, easy-to-setup blogging engine. flatPress version 1.1 is vulnerable to cross-site request forgery. An attacker can use the DeleteFile function in flat/admin.php to conduct a cross-site request forgery attack...

CVE-2020-22761

CVE-2020-22761 : FlatPress 1.1 is vulnerable to a CSRF flaw via the DeleteFile function in flat/admin.php. The issue allows unauthorized actions on affected installations. Evidence across sources (NVD/OpenVAS/Red Hat/ cnnvd) confirms the vulnerability, with CVSSv3.1 base score up to 8.8 (HIGH) an...

CVE-2020-22761

Cross Site Request Forgery CSRF vulnerability in FlatPress 1.1 via the DeleteFile function in flat/admin.php...

PT-2021-10786 · Flatpress · Flatpress

Name of the Vulnerable Software and Affected Versions: FlatPress version 1.1 Description: A Cross Site Request Forgery CSRF issue exists, allowing unauthorized actions. The DeleteFile function in flat/admin.php is affected. Recommendations: For FlatPress version 1.1, consider disabling the...

CVE-2020-12130

The AirDisk Pro app 5.5.3 for iOS allows XSS via the deleteFile parameter of the Delete function...

CVE-2020-12130

CVE-2020-12130 affects the AirDisk Pro app for iOS (version 5.5.3). The vulnerability is a cross-site scripting (XSS) flaw that can be triggered through the deleteFile parameter of the Delete function, as stated across multiple sources. The exact root cause is described as insufficient validation...

DoorGets Arbitrary File Deletion Vulnerability

DoorGets is a free and open source content management system. An arbitrary file deletion vulnerability exists in /fileman/php/deletefile.php in doorGets 7.0. A remote, unauthenticated attacker can exploit this vulnerability to delete arbitrary files...