Lucene search
K

29 matches found

RedhatCVE
RedhatCVE
added 2025/10/16 7:56 a.m.3 views

CVE-2025-61941

A path traversal issue exists in WXR9300BE6P series firmware versions prior to Ver.1.10. Arbitrary file may be altered by an administrative user who logs in to the affected product. Moreover, arbitrary OS command may be executed via some file alteration...

8.6CVSS7.2AI score0.00082EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/15 7:24 a.m.3 views

EUVD-2025-34529

A path traversal issue exists in WXR9300BE6P series firmware versions prior to Ver.1.10. Arbitrary file may be altered by an administrative user who logs in to the affected product. Moreover, arbitrary OS command may be executed via some file alteration...

8.6CVSS6.5AI score0.00082EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-0595

Malware in sbrugna...

6.6CVSS6.4AI score0.00051EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-52438

Malicious code in bioql PyPI...

8.1CVSS6.8AI score0.00396EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2025-8557

Malicious code in bioql PyPI...

6.5CVSS7AI score0.00879EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 3:49 a.m.5 views

CVE-2023-32608

Directory traversal vulnerability in Pleasanter Community Edition and Enterprise Edition 1.3.39.2 and earlier versions allows a remote authenticated attacker to alter an arbitrary file on the server...

6.5CVSS6.7AI score0.00414EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:50 p.m.4 views

CVE-2022-30602

Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to alter the file information and/or delete the files...

8.1CVSS6.4AI score0.00396EPSS
Exploits0References1
CVE
CVE
added 2024/06/19 6:40 a.m.53 views

CVE-2024-37387

Ricoh Streamline NX PC Client contains a use of potentially dangerous function (CWE-676) vulnerability tracked as CVE-2024-37387. Affected versions include 3.2.1.19, 3.3.1.3, 3.3.2.201, 3.4.3.1, 3.5.1.201, 3.6.100.53, and 3.6.2.1. If exploited, files on the host PC may be altered. Vendor advisori...

4CVSS7AI score0.00046EPSS
Exploits0References2
Veracode
Veracode
added 2023/08/05 3:43 a.m.16 views

Path Traversal

pimcore/pimcore is vulnerable to Path Traversal. A path traversal flaw exists in AssetController::importServerFilesAction, which allows an attacker to alter the pimcorelog argument, possibly overwriting or modifying sensitive files. This might also lead to illegal access, privilege escalation, or...

8.8CVSS6.7AI score0.00004EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2023/06/30 3:15 a.m.13 views

Directory traversal

Directory traversal vulnerability in Pleasanter Community Edition and Enterprise Edition 1.3.39.2 and earlier versions allows a remote authenticated attacker to alter an arbitrary file on the server...

4CVSS6.2AI score0.00414EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/06/30 2:15 a.m.13 views

CVE-2023-32608

Directory traversal vulnerability in Pleasanter Community Edition and Enterprise Edition 1.3.39.2 and earlier versions allows a remote authenticated attacker to alter an arbitrary file on the server...

6.4AI score0.00414EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/06/30 12:0 a.m.3 views

PT-2023-23908 · Unknown · Pleasanter

Name of the Vulnerable Software and Affected Versions: Pleasanter versions 1.3.39.2 and earlier Description: A directory traversal issue allows a remote authenticated attacker to alter an arbitrary file on the server. Recommendations: For versions 1.3.39.2 and earlier, update to a version later...

6.5CVSS6.3AI score0.00414EPSS
Exploits0References4
CVE
CVE
added 2023/01/17 11:47 p.m.61 views

CVE-2022-46660

GE Digital Proficy Historian CVE-2022-46660 is a path/unsafe file write vulnerability affecting Proficy Historian (v7.0 and up per ICS advisory context). Connected sources describe exploitation via unrestricted upload of files and MSO protocol handling that allows an unauthorized user to alter or...

7.5CVSS6.5AI score0.00197EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2022/12/07 10:15 a.m.9 views

CVE-2022-42458

Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4.1 and earlier allows a remote unauthenticated attacker to upload an arbitrary file. As a result, an arbitrary script may be executed and/or a file may be altered...

9.8CVSS0.03357EPSS
Exploits0References2
NVD
NVD
added 2022/07/11 1:15 a.m.16 views

CVE-2022-30602

Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to alter the file information and/or delete the files...

8.1CVSS0.00396EPSS
Exploits0References2
Prion
Prion
added 2022/07/11 1:15 a.m.14 views

Design/Logic Flaw

Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to alter the file information and/or delete the files...

5.5CVSS7.6AI score0.00396EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/07/11 12:40 a.m.68 views

CVE-2022-30602

The CVE-2022-30602 issue affects Cybozu Garoon 4.0.0–5.9.1. Description and connected sources confirm an authorization/privilege-management flaw (operation restriction bypass) that lets an authenticated remote user alter file information and/or delete files. The root cause is an improper privileg...

8.1CVSS7.6AI score0.00396EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/07/11 12:40 a.m.13 views

CVE-2022-30602

Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to alter the file information and/or delete the files...

7.9AI score0.00396EPSS
Exploits0References2
Prion
Prion
added 2021/09/09 12:15 p.m.9 views

Code injection

Triggering an error page of the import process in Yakamara Media Redaxo CMS version 5.12.1 allows an authenticated CMS user has to alternate the files of a vaild file backup. This leads of leaking the database credentials in the environment variables...

4CVSS6.3AI score0.00586EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2021/09/09 11:32 a.m.54 views

CVE-2021-39458

The CVE-2021-39458 issue affects Yakamara Media Redaxo CMS 5.12.1, where an authenticated CMS user can trigger an error in the import process to swap files from a valid backup. This leads to leakage of database credentials stored in environment variables. The available connected documents confirm...

6.5CVSS6.3AI score0.00586EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder