27 matches found
EUVD-2019-7812
Malware in sbrugna...
EUVD-2023-44221
Malicious code in bioql PyPI...
EUVD-2023-2638
Malicious code in bioql PyPI...
CVE-2019-17415
A Structured Exception Handler SEH based buffer overflow in File Sharing Wizard 1.5.0 26-8-2008 allows remote unauthenticated attackers to execute arbitrary code via the HTTP DELETE method, a similar issue to CVE-2019-16724 and CVE-2010-2331...
Design/Logic Flaw
The HTTP PUT and DELETE methods are enabled in the Plone official Docker version 5.2.13 5221, allowing unauthenticated attackers to execute dangerous actions such as uploading files to the server or deleting them...
Directory Traversal
github.com/arduino/arduino-create-agent is vulnerable to Directory Traversal. When the attacker has access to the localhost interface, they can send a specially crafted HTTP DELETE request to the /v2/pkgs/tools/installed endpoint, specifying the path of the file or folder that they want to delete...
Yamcs API Directory Traversal vulnerability
Directory Traversal vulnerability in the storage functionality of the API in Yamcs 5.8.6 allows attackers to delete arbitrary files via crafted HTTP DELETE request...
GHSA-43FW-536J-W37J Yamcs API Directory Traversal vulnerability
Directory Traversal vulnerability in the storage functionality of the API in Yamcs 5.8.6 allows attackers to delete arbitrary files via crafted HTTP DELETE request...
CVE-2023-45278
Directory Traversal vulnerability in the storage functionality of the API in Yamcs 5.8.6 allows attackers to delete arbitrary files via crafted HTTP DELETE request...
CVE-2023-45278
Directory Traversal vulnerability in the storage functionality of the API in Yamcs 5.8.6 allows attackers to delete arbitrary files via crafted HTTP DELETE request...
CVE-2023-45278
Directory Traversal vulnerability in the storage functionality of the API in Yamcs 5.8.6 allows attackers to delete arbitrary files via crafted HTTP DELETE request...
Directory traversal
Directory Traversal vulnerability in the storage functionality of the API in Yamcs 5.8.6 allows attackers to delete arbitrary files via crafted HTTP DELETE request...
CVE-2023-45278
Directory Traversal vulnerability in the storage functionality of the API in Yamcs 5.8.6 allows attackers to delete arbitrary files via crafted HTTP DELETE request...
CVE-2023-45278
CVE-2023-45278 affects Yamcs before and including 5.8.6 in its storage API: a directory traversal vulnerability that allows an attacker to delete arbitrary files via a crafted HTTP DELETE request. Root cause: improper handling of file paths in the storage component leading to unintended file dele...
PT-2023-28994 · Arduino · Arduino Create Agent
Name of the Vulnerable Software and Affected Versions: Arduino Create Agent versions prior to 1.3.3 Description: This issue affects the endpoint /v2/pkgs/tools/installed and the way it handles plugin names supplied as user input. A user who has the ability to perform HTTP requests to the localhos...
CVE-2023-3570
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP DELETE request to gain full access to the device...
Cross site request forgery (csrf)
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP DELETE request to gain full access to the device...
CVE-2023-3570 PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP DELETE request to gain full access to the device...
CVE-2023-3570 PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP DELETE request to gain full access to the device...
CVE-2021-35243
The HTTP PUT and DELETE methods were enabled in the Web Help Desk web server 12.7.7 and earlier, allowing users to execute dangerous HTTP requests. The HTTP PUT method is normally used to upload data that is saved on the server with a user-supplied URL. While the DELETE method requests that the...