Jetty WEB-INF File Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jetty WEB-INF File Disclosure', 'Description' = %q Jetty suffers from a vulnerability where certain encoded URIs and ambiguous paths can access...

CVE-2024-7858 Media Library Folders <= 8.2.3 - Missing Authorization on Various Functions

The Media Library Folders plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several AJAX functions in the media-library-plus.php file in all versions up to, and including, 8.2.3. This makes it possible for authenticated attackers, with subscriber-level...

CVE-2024-34018

Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Snap Deploy Windows before build 4569...

CVE-2024-34018

Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Snap Deploy Windows before build 4569...

CVE-2024-34018

Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Snap Deploy Windows before build 4569...

CVE-2024-34018

CVE-2024-34018 affects Acronis Snap Deploy for Windows, prior to build 4569. The root cause is insecure folder permissions that permit disclosure of sensitive information. Impact is described as a sensitive information disclosure with a local attack vector; the vulnerability is tied to the Window...

PT-2024-25644 · Acronis · Acronis Snap Deploy

Name of the Vulnerable Software and Affected Versions: Acronis Snap Deploy Windows versions prior to build 4569 Description: The issue is related to sensitive information disclosure due to insecure folder permissions. This allows sensitive information to be exposed. Recommendations: For versions...

Acronis Snap Deploy 安全漏洞

Acronis Snap Deploy is a platform for batch deployment of system images from Acronis Singapore. A security vulnerability previously existed in Acronis Snap Deploy version 4569, which stemmed from the inclusion of an insecure folder permission leading to the disclosure of sensitive information...

CVE-2023-43078

Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folder deletion, which could lead to Privilege Escalation or Denial of Service...

CVE-2023-43078

Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folder deletion, which could lead to Privilege Escalation or Denial of Service...

CVE-2023-43078

Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folder deletion, which could lead to Privilege Escalation or Denial of Service...

CVE-2023-43078

Dell Dock Firmware and Dell Client Platform are affected by CVE-2023-43078 due to an Improper Link Resolution vulnerability during installation, which can lead to arbitrary folder deletion and potential Privilege Escalation or Denial of Service. Affected components include the Dell Dock Firmware ...

Dell Client Platform和Dell Dock Firmware 后置链接漏洞

Dell Client Platform and Dell Dock Firmware are both products of Dell Inc.Dell Client Platform is a client platform.Dell Dock Firmware is a firmware. A backlink vulnerability exists in Dell Dock Firmware and Dell Client Platform that stems from improper link resolution during installation, which...

PT-2024-13076 · Dell · Dell Dock Firmware +1

Name of the Vulnerable Software and Affected Versions: Dell Dock Firmware affected versions not specified Dell Client Platform affected versions not specified Description: The issue is related to an Improper Link Resolution vulnerability during installation, resulting in arbitrary folder deletion...

CVE-2024-8170

A vulnerability classified as problematic has been found in SourceCodester Zipped Folder Manager App 1.0. This affects an unknown part of the file /endpoint/add-folder.php. The manipulation of the argument folder leads to unrestricted upload. It is possible to initiate the attack remotely. The...

CVE-2024-8170

A vulnerability classified as problematic has been found in SourceCodester Zipped Folder Manager App 1.0. This affects an unknown part of the file /endpoint/add-folder.php. The manipulation of the argument folder leads to unrestricted upload. It is possible to initiate the attack remotely. The...

CVE-2024-8170 SourceCodester Zipped Folder Manager App add-folder.php unrestricted upload

A vulnerability classified as problematic has been found in SourceCodester Zipped Folder Manager App 1.0. This affects an unknown part of the file /endpoint/add-folder.php. The manipulation of the argument folder leads to unrestricted upload. It is possible to initiate the attack remotely. The...

CVE-2024-8170 SourceCodester Zipped Folder Manager App add-folder.php unrestricted upload

A vulnerability classified as problematic has been found in SourceCodester Zipped Folder Manager App 1.0. This affects an unknown part of the file /endpoint/add-folder.php. The manipulation of the argument folder leads to unrestricted upload. It is possible to initiate the attack remotely. The...

CVE-2024-8170

CVE-2024-8170 affects the SourceCodester Zipped Folder Manager App 1.0. The vulnerability is in an unknown part of /endpoint/add-folder.php where manipulation of the folder argument enables unrestricted file uploads, allowing remote initiation. Public exploit information exists. Concrete details ...

node-tar: denial of service while parsing a tar file due to lack of folders depth validation

A flaw was found in ISAACS's node-tar, where it is vulnerable to a denial of service, caused by the lack of folder count validation. The vulnerability exists due to the application not properly controlling the consumption of internal resources while parsing a tar file. By sending a specially...