PT-2022-26271 · Liferay · Liferay Dxp +1

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.4.3.5 through 7.4.3.35 Liferay DXP 7.4 update 1 through update 34 Description: The issue allows attackers to create or overwrite existing files on the filesystem via the deployment of a malicious plugin/module. This ...

PT-2021-5606 · Jenkins · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.318 and earlier Jenkins LTS versions 2.303.2 and earlier Description: The issue is related to the lack of access control for agent-to-controller in Jenkins, specifically affecting FilePathunzip and FilePathuntar. This could...

WordPress File Unzip Code Path Traversal Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A path traversal vulnerability exists in the WordPress file decompression code. Allowing remote attackers to exploit the...