Unintentional directory traversal by poisoned NUL byte in Dir

There is an unintentional directory traversal in some methods in Dir Dir.open, Dir.new, Dir.entries and Dir.empty? accept the path of the target directory as their parameter. If the parameter contains NUL \0 bytes, these methods recognize that the path is completed before the NUL bytes. So, if a...

CVE-2018-7422

A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajaxpath parameter to editor/extensions/pagebuilder/includes/ajaxshortcodepattern.php, aka absolute path traversal...

CVE-2018-1199

Spring Security Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3 does not consider URL path parameters when processing security constraints. By adding a URL path parameter with special encodings, an...

CVE-2017-17876

Biometric Shift Employee Management System 3.0 allows remote attackers to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter...

CVE-2017-11511

The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the filepath parameter for the download-file URL. An unauthenticated remote attacker can use this vulnerability to download arbitrary files...

CVE-2017-11152

Directory traversal vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to write arbitrary files via the path parameter...

Directory traversal

Directory traversal vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to write arbitrary files via the path parameter...

CVE-2017-11152

Directory traversal vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to write arbitrary files via the path parameter...

DzzOffice v1.3.1 Arbitrary File Download Vulnerability in Frontend

DzzOffice is a cloud storage management tool , based on the free open source release , can be used as a personal network disk , team , enterprise network disk for use . DzzOffice v1.3.1 front-end arbitrary file download vulnerability exists due to the program fails to share path parameter for...

MODX Revolution 'setup/templates/findcore.php' file remote code execution vulnerability

MODX Revolution is a PHP-based open source content management system CMS from the U.S. company MODX. The system supports online collaboration, search engine optimization SEO, add-ons and more. A security vulnerability exists in the setup/templates/findcore.php file in MODX Revolution 2.5.4-pl and...

CVE-2017-6480

groovel/cmsgroovel before 3.3.7-beta is vulnerable to a reflected XSS in commons/browser.php path parameter...

Cross site scripting

groovel/cmsgroovel before 3.3.7-beta is vulnerable to a reflected XSS in commons/browser.php path parameter...

CVE-2017-6480

groovel/cmsgroovel before 3.3.7-beta is vulnerable to a reflected XSS in commons/browser.php path parameter...

Design/Logic Flaw

An issue was discovered in ionize through 1.0.8. The vulnerability exists due to insufficient filtration of user-supplied data in the "path" HTTP GET parameter passed to the "ionize-master/themes/admin/javascript/tinymce/jscripts/tinymce/plugins/codemirror/dialog.php" URL. An attacker could execu...

CVE-2017-5961

Ionize versions up to 1.0.8 (IONIZE CMS built on CodeIgniter) are affected by an XSS vulnerability due to insufficient filtration of user-supplied data in the path parameter of the URL to ionize-master/themes/admin/javascript/tinymce/jscripts/tiny_mce/plugins/codemirror/dialog.php. This could all...

Arbitrary file deletion

A file disclosure and inclusion vulnerability exists in web/views/file.php in ZoneMinder 1.x through v1.30.0 because of unfiltered user-input being passed to readfile, which allows an authenticated attacker to read local system files e.g., /etc/passwd in the context of the web server user www-dat...

CVE-2017-5595

A file disclosure and inclusion vulnerability exists in web/views/file.php in ZoneMinder 1.x through v1.30.0 because of unfiltered user-input being passed to readfile, which allows an authenticated attacker to read local system files e.g., /etc/passwd in the context of the web server user www-dat...

CVE-2017-5595

A file disclosure and inclusion vulnerability exists in web/views/file.php in ZoneMinder 1.x through v1.30.0 because of unfiltered user-input being passed to readfile, which allows an authenticated attacker to read local system files e.g., /etc/passwd in the context of the web server user www-dat...

My Php Dating 'path' Parameter SQL Injection Vulnerability

My Php Dating 2.0 is an online dating site system. A SQL injection vulnerability exists in the My Php Dating 'path' parameter, which can be exploited by attackers to access or modify database data...

My Php Dating 2.0 - path Parameter SQL Injection Vulnerability

Exploit for php platform in category web applications Vulnerability: My Php Dating 2.0 - SQL Injection Web Vulnerability Google Dork: My Php Dating Date:09.01.2017 Vendor Homepage: http://www.phponlinedatingsoftware.com/demo.htm Tested on: http://www.phponlinedatingsoftware.com/demo/ Script Name:...