5 matches found
CVE-2025-1936
jar: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was used to determine the type of content. This could have been used to hide code in a web extension...
ZK Framework AuUploader Unspecified Vulnerability
ZK Framework AuUploader servlets contain an unspecified vulnerability that could allow an attacker to retrieve the content of a file located in the web context. The ZK Framework is an open-source Java framework. This vulnerability can impact multiple products, including but not limited to...
FreeBSD : ImageMagick -- multiple vulnerabilities (0d724b05-687f-4527-9c03-af34d3b094ec) (ImageTragick)
Openwall reports : Insufficient filtering for filename passed to delegate's command allows remote code execution during conversion of several file formats. Any service which uses ImageMagick to process user-supplied images and uses default delegates.xml / policy.xml, may be vulnerable to this...
PHP 5.0.5 - Safedir Restriction Bypass
PHP 5.0.5 - Safedir Restriction Bypass source: https://www.securityfocus.com/bid/15119/info PHP is prone to multiple vulnerabilities that permit an attacker to bypass the 'safedir' directory restriction. An attacker can exploit these vulnerabilities to possible execute arbitrary code currently...
Mozilla and Opera information leak
By using localfiles object it's possible to obtain local files list. Under some conditions it' possible ot retrieve file content...