10 matches found
CVE-2023-25152
Wings is Pterodactyl's server control plane. Affected versions are subject to a vulnerability which can be used to create new files and directory structures on the host system that previously did not exist, potentially allowing attackers to change their resource allocations, promote their...
EUVD-2018-2005
Malware in sbrugna...
EUVD-2009-3538
Malware in sbrugna...
EulerOS 2.0 SP11 : docker-runc (EulerOS-SA-2024-2979)
According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and...
Siemens SINEC Security Monitor Path Traversal Vulnerability
SINEC Security Monitor is a modular network security software for passive, non-intrusive, continuous network security monitoring during production processes at customer sites. A path traversal vulnerability exists in Siemens SINEC Security Monitor that originates from not properly validating the...
PT-2023-20017 · Unknown · ATLauncher
Name of the Vulnerable Software and Affected Versions: ATLauncher versions 3.4.26.0 and earlier. Description: The issue allows a maliciously crafted mrpack file to create arbitrary files outside of the installation directory due to a Directory Traversal weakness. Recommendations: For ATLauncher...
UCMS has a logic flaw vulnerability
UCMS is a content management system written in PHP. UCMS suffers from a logic flaw vulnerability that can be exploited by an attacker to create files and folders under arbitrary paths...
Frog CMS File Upload Vulnerability (CNVD-2019-10141)
Frog CMS is a content management system (CMS) developed by software developer Philippe Archambault. The system provides tools for page templates, user rights management, and document management. A file upload vulnerability exists in Frog CMS 0.9.5, which can be exploited by an attacker via /admin/?...
S8Forum 3.0 - Remote Command Execution
source: https://www.securityfocus.com/bid/6547/info S8Forum is prone to a remote command execution vulnerability. When a user registers with the forum, a file is created locally with the specified username. The contents of this file will be the data entered ...
Minor bug in Pagelog.cgi
There is a small bug in PAGELOG.cgi by Metertek [email protected] which allows users to create and view files. Any file on the system with a '.log' extension readable by the uid/gid of the webserver can be viewed. In addition, two files with extensions of '.txt' and '.log' can be created in any...