4 matches found
CVE-2026-34030
The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, does not sufficiently validate the branch code when a new branch is created. The branch code is later used in multiple application functions, including filesystem path generation for uploaded files, profile pictures, and...
PT-2023-6223 · Sap · Sap S/4Hana
Name of the Vulnerable Software and Affected Versions: Statutory Reporting application affected versions not specified SAP S/4HANA affected versions not specified Description: The issue concerns a vulnerable file storage location in the Statutory Reporting application, potentially allowing a...
Concrete CMS: Arbitrary File delete via PHAR deserialization
crayons : Concrete5 Arbitrary File delete via PHAR deserialization - Target: Concrete5 - Version: 8.5.4 Latest at 2020. 07. 12 / PHP 7.2 - Credit: WSP Lab@KAIST - Contact: [email protected] TL; DR - An attacker can send an arbitrary input value in the isdir function, which causes a PHAR...
CVE-2014-0725
Cisco Unified Communications Manager UCM does not require authentication for reading WAR files, which allows remote attackers to obtain sensitive information via unspecified access to a "file storage location," aka Bug ID CSCum05337...