Cursor 路径遍历漏洞

Cursor is an AI code editor from the Cursor open source. A path traversal vulnerability exists in Cursor versions 0.45.0 through 0.48.6, which stems from not properly restricting file path modification permissions, which could lead to a specially crafted context-triggered write to a file outside...

Important: php73

Issue Overview: A flaw was discovered in the link function in PHP. When compiled on Windows, it does not correctly handle paths containing NULL bytes. An attacker could abuse this flaw to bypass application checks on file paths. CVE-2019-11044 In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.1...

CVE-2022-36908

A cross-site request forgery CSRF vulnerability in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers to check for the existence of an attacker-specified file path on the Jenkins controller file system and to upload a SSH key file from the Jenkins controller file system to an...

CVE-2021-37105

There is an improper file upload control vulnerability in FusionCompute 6.5.0, 6.5.1 and 8.0.0. Due to the improper verification of file to be uploaded and does not strictly restrict the file access path, attackers may upload malicious files to the device, resulting in the service abnormal...

Arbitrary File Write

orientdb-core is vulnerable to arbitrary file writes. The application does not properly check on the file path during extraction, allowing arbitrary files to be written in other directories...