CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating creating malicious files on the server...

9.8CVSS6.8AI score0.00411EPSS

Exploits0References1

NVD•added 2025/01/28 5:15 p.m.•8 views

CVE-2025-0781

An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level...

9.9CVSS0.00042EPSS

Exploits0References5

Vulnrichment•added 2025/01/28 4:34 p.m.•4 views

CVE-2025-0781 Incorrect Authorization in SimGear

An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level...

8.6CVSS8.5AI score0.00042EPSS

Exploits0References3

OSV•added 2025/01/28 4:34 p.m.•5 views

CVE-2025-0781 Incorrect Authorization in SimGear

An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level...

8.6CVSS8.3AI score0.00042EPSS

Exploits0References7

NVD•added 2023/10/09 1:15 p.m.•11 views

CVE-2023-43697

Modification of Assumed-Immutable Data MAID in RDT400 in SICK APU allows an unprivileged remote attacker to make the site unable to load necessary strings via changing file paths using HTTP requests...

6.5CVSS6.4AI score0.00354EPSS

Exploits0References3

Positive Technologies•added 2022/08/01 12:0 a.m.•2 views

PT-2022-23297 · Bf-Os · Bf-Os

Name of the Vulnerable Software and Affected Versions: BF-OS versions 3.00 through 3.83 Description: The issue allows an attacker to modify the file path, potentially accessing different resources that may contain sensitive information. Recommendations: For BF-OS versions 3.00 through 3.83,...

8.8CVSS5.4AI score0.00688EPSS

Exploits0References3

Prion•added 2017/11/17 2:29 a.m.•17 views

Design/Logic Flaw

October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating creating malicious files on the server...

7.5CVSS9.3AI score0.00411EPSS

Exploits0References1Affected Software1

NVD•added 2017/11/17 2:29 a.m.•10 views

CVE-2017-1000197

October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating creating malicious files on the server...

9.8CVSS9.4AI score0.00411EPSS

Exploits0References1

OSV•added 2017/11/17 2:29 a.m.•10 views

CVE-2017-1000197

October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating creating malicious files on the server...

9.8CVSS6.8AI score

Exploits0References1

CVE•added 2017/11/17 2:0 a.m.•45 views

CVE-2017-1000197

CVE-2017-1000197 affects October CMS 1.x build 412, where the asset move function allows file path modification, enabling creation of malicious files on the server. Root cause centers on insecure path handling during asset operations. NVD metrics show CVSSv2 7.5 (HIGH) and CVSSv3 9.8 (CRITICAL) w...

9.8CVSS9.4AI score0.00411EPSS

Exploits0References1Affected Software1

CNVD•added 2017/11/17 12:0 a.m.•1 views

October CMS File Path Modification Vulnerability

OctoberCMS is a CMS system based on Laravel PHP development framework. A file path modification vulnerability exists in the asset movement feature of October CMS build 412. An attacker can exploit this vulnerability to create malicious files on the server...

9.8CVSS7AI score0.00411EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by