Lucene search

4 matches found

Hacker One
added 2026/05/04 1:17 p.m., 18 views

PortSwigger Web Security: Burp Suite Professional: browser-powered crawl can write attacker-controlled files through file input handling

A vulnerability was discovered in Burp Suite Professional 2026.3.3 on Windows. When Burp Scanner's browser-powered crawler crawled an attacker-controlled website, the website could force Burp to write an attacker-controlled file to an attacker-controlled local path. The issue was caused by Burp's...

5.4 AI score
Exploits: 0
Positive Technologies
added 2026/01/01 12:0 a.m., 3 views

PT-2026-7648

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 145.0.7632.45. Description: A flaw exists in Google Chrome's file input handling that could allow a remote attacker to perform UI spoofing. This requires convincing a user to interact with a specially crafted HTML...

6.4 CVSS, 6.1 AI score, 0.00229 EPSS
Exploits: 0, References: 34
ATTACKERKB
added 2022/01/25 6:15 a.m., 4 views

CVE-2022-23935

lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\|$/ check, leading to command injection...

7.8 CVSS, 7.1 AI score, 0.07575 EPSS
Exploits: 5, References: 3
Exploit DB
added 2002/05/27 12:0 a.m., 33 views

Opera 6.0.1/6.0.2 - Arbitrary File Disclosure

source: https://www.securityfocus.com/bid/4834/info
A vulnerability has been reported in Opera 6.01/6.02. The vulnerability is related to handling of the 'file' HTML input-type. It is possible for a server to set the file value, while fooling Opera into thinking no file has been specified. This i...

7.4 AI score
Exploits: 0