151 matches found
PT-2025-32011 · Unknown · Virtualization File Module
Name of the Vulnerable Software and Affected Versions: virtualization file module affected versions not specified Description: A path traversal vulnerability exists in the virtualization file module. Successful exploitation of this issue may affect the confidentiality of the module...
CVE-2023-44094
Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...
CVE-2020-14031
An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The outbox functionality of the TXT File module can be used to delete all/most files in a folder. Because the product usually runs as NT AUTHORITY\SYSTEM, the only files that will not be deleted are those currently being run by the...
CVE-2014-125032
A vulnerability was found in porpeeranut go-with-me. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file module/frontend/add.php. The manipulation leads to sql injection. The identifier of the patch is b92451e4f9e85e26cf493c95ea0a69e354c35df9. ...
CVE-2024-4267
A remote code execution RCE vulnerability exists in the parisneo/lollms-webui, specifically within the 'openfile' module, version 9.5. The vulnerability arises due to improper neutralization of special elements used in a command within the 'openfile' function. An attacker can exploit this...
Drupal POST File module < 1.0.2 - Unauthenticated Cross Site Request Forgery (CSRF) vulnerability
Unauthenticated Cross Site Request Forgery CSRF vulnerability discovered by Pierre Rudloff in WordPress Module POST File versions 1.0.2...
PT-2024-10478 · Post File +1 · Post File +1
Name of the Vulnerable Software and Affected Versions: Drupal POST File versions 0.0.0 through 1.0.2 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability in the POST File module of the Drupal CMS system. This vulnerability can be exploited by a remote attacker to...
POST File - Critical - Cross Site Scripting, Arbitrary PHP code execution - SA-CONTRIB-2024-060
The module creates an endpoint on the site at /postfile/upload that accepts a POST request for uploading a single file into a specified file system public, private, etc. This module accepts any uploaded file extension, including dangerous file formats so it can be used to bypass the...
CVE-2024-43412 Xibo CMS XSS vulnerability when previewing files uploaded to the library containing HTML/JS
Xibo is an open source digital signage platform with a web content management system CMS. Prior to version 4.1.0, a cross-site scripting vulnerability in Xibo CMS allows authorized users to execute arbitrary JavaScript via the file preview function. Users can upload HTML/CSS/JS files into the Xib...
PT-2024-30098 · Unknown · Parisneo/Lollms-Webui
Name of the Vulnerable Software and Affected Versions: parisneo/lollms-webui version 9.5 Description: A remote code execution vulnerability exists in the parisneo/lollms-webui, specifically within the open file module. The vulnerability arises due to improper neutralization of special elements us...
BIT-DRUPAL-2020-13670
Information Disclosure vulnerability in file module of Drupal Core allows an attacker to gain access to the file metadata of a permanent private file that they do not have access to by guessing the ID of the file. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10; 8.9.x versions prio...
CVE-2023-44108
Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...
CVE-2023-44108
Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...
CVE-2023-44108
CVE-2023-44108 is a type confusion vulnerability in Huawei HarmonyOS’s distributed file module. The issue enables exploitation that may cause a device restart/reboot. Affected components and specifics are not enumerated in the provided documents; multiple sources (NVD, CNVD, PRION, CVELIST, VulnE...
CVE-2023-44108
Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...
CVE-2023-44094
Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...
Type confusion
Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...
CVE-2023-44094
Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...
CVE-2023-44094
CVE-2023-44094 is a type confusion vulnerability in Huawei HarmonyOS’s Distributed Files module. The connected documents indicate the flaw stems from type confusion in the distributed file subsystem, with exploitation potentially causing a device restart/reboot. There are multiple sources (NVD, R...
PT-2023-29104 · Huawei · Emui +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a type confusion vulnerability in the distributed file module. Successful exploitation of this vulnerability may cause the devic...