4 matches found
CVE-2021-47746
NodeBB Plugin Emoji 3.2.1 contains an arbitrary file write vulnerability that allows administrative users to write files to arbitrary system locations through the emoji upload API. Attackers with admin access can craft file upload requests with directory traversal to overwrite system files by...
CVE-2021-47746 NodeBB Plugin Emoji 3.2.1 - Arbitrary File Write
NodeBB Plugin Emoji 3.2.1 contains an arbitrary file write vulnerability that allows administrative users to write files to arbitrary system locations through the emoji upload API. Attackers with admin access can craft file upload requests with directory traversal to overwrite system files by...
CVE-2021-47746
NodeBB Plugin Emoji 3.2.1 contains an arbitrary file write vulnerability that allows administrative users to write files to arbitrary system locations through the emoji upload API. Attackers with admin access can craft file upload requests with directory traversal to overwrite system files by...
PT-2026-3793
Name of the Vulnerable Software and Affected Versions NodeBB Plugin Emoji version 3.2.1 Description The NodeBB Plugin Emoji version 3.2.1 has a flaw that allows administrative users to write files to arbitrary system locations. This is possible through the emoji upload API by manipulating the fil...