PT-2023-18596 · Unknown · Titan Sftp

Name of the Vulnerable Software and Affected Versions: TitanFTP versions 1.94.1205 and earlier Description: The issue concerns a path traversal vulnerability in the newPath parameter of the move-file function. This allows an authenticated attacker to upload any file and then move it to any locati...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal due to improper input sanitization of the path being requested via the requestFile function. PoC curl --path-as-is "http://localhost:3000/../package.json Details A Directory Traversal attack also known as path...

Senayan Library Management System 9.2.2 SQL Injection

Title: Senayan Library Management System v9.2.2 a.k.a SLIMS 9 Multiple SQLi-Not sanitizing correctly cookie session. Author: nu11secur1ty Date: 12.20.2022 Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/tag/v9.2.2 Reference:...

PT-2022-36507 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.267 Description: A memory leak issue was discovered in the query regdb file function related to cfg80211, a Linux kernel module for wireless networking. The actual impact and attack plausibility have not y...

CVE-2022-40048

Flatpress v1.2.1 was discovered to contain a remote code execution RCE vulnerability in the Upload File function...

PT-2022-25176 · Flatpress · Flatpress

Name of the Vulnerable Software and Affected Versions: Flatpress version 1.2.1 Description: A remote code execution issue was found in the Upload File function, allowing for potential code execution. Recommendations: For version 1.2.1, consider disabling the Upload File function until a patch is...

CVE-2022-31579

The ralphjzhang/iasset repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

Path traversal

The rohitnayak/movie-review-sentiment-analysis repository through 2017-05-07 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

Design/Logic Flaw

An arbitrary file upload vulnerability in the Add File function of TPCMS v3.2 allows attackers to execute arbitrary code via a crafted PHP file...

PT-2022-16970 · Flask +1 · Flask +1

Name of the Vulnerable Software and Affected Versions: Piano LED Visualizer versions 1.3 and prior Description: The issue concerns a path traversal attack. The os.path.join call is unsafe for use with untrusted input, as it ignores all parameters encountered before an absolute path and starts...

Air Cargo Management System v1.0 - SQLi

Title: Air Cargo Management System v1.0 - SQLi Author: nu11secur1ty Date: 02.18.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15188/air-cargo-management-system-php-oop-free-source-code.html Reference:...

The vulnerability of the Sphinx search system, related to a path traversal error, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Sphinx search system is related to a path traversal error. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information using the CALL SNIPPETS operator or the loadfile function...

IBM Business Automation Workflow Cross-Site Scripting Vulnerability (CNVD-2021-101696)

IBM Business Automation Workflow is a workflow automation solution from IBM Corporation of the United States. The product is primarily used for workflow management, compliance management, and has features such as workflow visibility and scalability.IBM Business Automation Workflow has a cross-sit...

Busybox Resource Management Error Vulnerability (CNVD-2021-88215)

BusyBox is a suite of applications containing several linux commands and tools from Ukrainian individual developer Denis Vlasenko. Busybox's awk applet is vulnerable to a resource management error that could be exploited by an attacker to execute code while processing a carefully crafted awk...

CVE-2020-21595

libde265 v1.0.4 contains a heap buffer overflow in the mcluma function, which can be exploited via a crafted a file...

UBUNTU-CVE-2021-3710

An information disclosure via path traversal was discovered in apport/hookutils.py function readfile. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior ...

ruby: NUL injection vulnerability of File.fnmatch and File.fnmatch?

A flaw was discovered in Ruby in the way certain functions handled strings containing NULL bytes. Specifically, the built-in methods File.fnmatch and its alias File.fnmatch? did not properly handle path patterns containing the NULL byte. A remote attacker could exploit this flaw to make a Ruby...

UBUNTU-CVE-2021-32555

It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose private data to other local users...

UBUNTU-CVE-2021-32553

It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users...

CVE-2021-32551

It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-15 package apport hooks, it could expose private data to other local users...