7 matches found
EUVD-2019-6022
Malware in sbrugna...
CVE-2019-14924
An issue was discovered in GCDWebServer before 3.5.3. The method moveItem in the GCDWebUploader class checks the FileExtension of newAbsolutePath but not oldAbsolutePath. By leveraging this vulnerability, an adversary can make an inaccessible file be available the credential of the app, for...
CVE-2019-14924
An issue was discovered in GCDWebServer before 3.5.3. The method moveItem in the GCDWebUploader class checks the FileExtension of newAbsolutePath but not oldAbsolutePath. By leveraging this vulnerability, an adversary can make an inaccessible file be available the credential of the app, for...
CVE-2019-14924
An issue was discovered in GCDWebServer before 3.5.3. The method moveItem in the GCDWebUploader class checks the FileExtension of newAbsolutePath but not oldAbsolutePath. By leveraging this vulnerability, an adversary can make an inaccessible file be available the credential of the app, for...
Design/Logic Flaw
An issue was discovered in GCDWebServer before 3.5.3. The method moveItem in the GCDWebUploader class checks the FileExtension of newAbsolutePath but not oldAbsolutePath. By leveraging this vulnerability, an adversary can make an inaccessible file be available the credential of the app, for...
CVE-2019-14924
GCDWebServer (before 3.5.3) is affected. The vulnerable component is GCDWebUploader’s moveItem, which validates FileExtension against newAbsolutePath but not oldAbsolutePath, enabling an attacker to make an inaccessible file (e.g., app credentials) accessible. Impact is information disclosure; no...
CVE-2019-14924
An issue was discovered in GCDWebServer before 3.5.3. The method moveItem in the GCDWebUploader class checks the FileExtension of newAbsolutePath but not oldAbsolutePath. By leveraging this vulnerability, an adversary can make an inaccessible file be available the credential of the app, for...