5 matches found
EUVD-2022-30417
Malicious code in bioql PyPI...
CVE-2022-25773
This advisory addresses a file placement vulnerability that could allow assets to be uploaded to unintended directories on the server. Improper Limitation of a Pathname to a Restricted Directory: A vulnerability exists in the asset upload functionality that allows users to upload files to...
CVE-2022-25773
CVE-2022-25773 describes a file placement/path traversal vulnerability in Mautic’s asset upload, due to improper pathname restriction that allows uploading assets to directories outside the intended temp dir. Connected sources confirm affected component paths (mautic/core-lib) and versions before...
CVE-2022-25773 Relative Path Traversal in assets file upload
This advisory addresses a file placement vulnerability that could allow assets to be uploaded to unintended directories on the server. Improper Limitation of a Pathname to a Restricted Directory: A vulnerability exists in the asset upload functionality that allows users to upload files to...
CVE-2001-1258
Horde Internet Messaging Program IMP before 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server...