2 matches found
Directory Traversal
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Directory Traversal in the handling of Discord event cover image parameters, which could bypass the intended media normalization. An attacker can access host-local media references by...
Unrestricted file upload
Unrestricted file upload vulnerability in calendaradmin.asp in Full Revolution aspWebCalendar 2008 allows remote attackers to upload and execute arbitrary code via the FILE1 parameter in an uploadfileprocess action, probably followed by a direct request to the file in calendar/eventimages/...