5045 matches found
CVE-2023-40493
LG Simple Editor copySessionFolder Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists...
Voltronic Power ViewPower Security Vulnerability
Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. Voltronic Power ViewPower suffers from an elevation of privilege vulnerability that is caused by incorrect permissions being set on a folder. An attacker could use this vulnerability to escalate...
CVE-2024-2345
The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the folder name parameter in all versions up to, and including, 5.6.3 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-2346
The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.6.3 via folder deletion due to missing validation on a user controlled key. This makes it possible for authenticated...
CVE-2024-2346 FileBird – WordPress Media Library Folders & File Manager <= 5.6.3 - Authenticated (Author+) Insecure Direct Object Reference
The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.6.3 via folder deletion due to missing validation on a user controlled key. This makes it possible for authenticated...
CVE-2024-2346
CVE-2024-2346 affects the FileBird – WordPress Media Library Folders & File Manager plugin for WordPress. All versions up to and including 5.6.3 are vulnerable to Insecure Direct Object Reference via folder deletion due to missing validation on a user-controlled key. This allows authenticated att...
CVE-2023-37244
The affected AutomationManager.AgentService.exe application contains a TOCTOU race condition vulnerability that allows standard users to create a pseudo-symlink at C:\ProgramData\N-Able Technologies\AutomationManager\Temp, which could be leveraged by an attacker to manipulate the process into...
Exploit for Unrestricted Upload of File with Dangerous Type in Oretnom23 Payroll_Management_System
CVE-2024-34833 Payroll Management System RCE Unauthenticated...
WordPress plugin FileBird Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
PT-2024-19876 · WordPress · Filebird
Name of the Vulnerable Software and Affected Versions: The FileBird – WordPress Media Library Folders & File Manager plugin versions up to and including 5.6.3 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping, specifically...
PT-2024-19882 · WordPress · Filebird
Name of the Vulnerable Software and Affected Versions: The FileBird – WordPress Media Library Folders & File Manager plugin versions up to, and including, 5.6.3 Description: The issue allows authenticated attackers with author access or higher to delete folders created by other users, making thei...
CVE-2024-34011
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent Windows before build 37758...
CVE-2024-34011
CVE-2024-34011 affects Acronis Cyber Protect Cloud Agent on Windows prior to build 37758. The vulnerability is caused by insecure folder permissions that enable local privilege escalation. Exploitation details are not provided in the connected documents. The Red Hat and NVD entries corroborate lo...
Acronis Cyber Protect Security Vulnerability
Acronis Cyber Protect is an all-in-one cyber protection solution for business and enterprise from Acronis Singapore. It combines backup, anti-malware, cybersecurity and endpoint management features such as vulnerability assessment, URL filtering, patch management, and more. A security vulnerability...
Fedora 40 : thunderbird (2024-d8a0e599e2)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-d8a0e599e2 advisory. Update to 115.8.1 https://www.mozilla.org/en-US/security/advisories/mfsa2024-11/ read that if you have mails with encrypted email subjects...
CVE-2024-32880 pyLoad allows upload to arbitrary folder lead to RCE
pyLoad is an open-source download manager written in pure Python. An authenticated user can change the download folder and upload a crafted template to the specified folder, leading to remote code execution. There is no fix available at the time of publication...