4 matches found
CVE-2024-22450
Dell Alienware Command Center, versions prior to 6.2.7.0, contain an uncontrolled search path element vulnerability. A local malicious user could potentially inject malicious files in the file search path, leading to system compromise...
ASKEY RTF3505VW-N1 - Privilege Escalation
Exploit Title: ASKEY RTF3505VW-N1 - Privilege escalation Date: 07-12-2022 Exploit Author: Leonardo Nicolas Servalli Vendor Homepage: www.askey.com Platform: ASKEY router devices RTF3505VW-N1 Tested on: Firmware BRSVg000R3505VMN1001s327 Vulnerability analysis:...
Grav CMS Local File Injection
The Backup functionality in Grav CMS through 1.7.0-rc.17 allows an authenticated attacker to read arbitrary local files on the underlying server by exploiting a path-traversal technique. This vulnerability can also be exploited by an unauthenticated attacker due to a lack of CSRF protection...
Multiple bugs in EditTag
Script: EditTag Version: 1.2 Author: Greg Billock [email protected] Discoverer: NetJackal nima5014TyAhooD0Tcom - nj4ThackerzD0Tir I am sorry for my BAD English. Description: 1 Local file injection: An attacker can use edittag.cgi or edittagmp.cgi maybe .pl to inject files ex. /etc/passwd...