The vulnerability of the unZipJarFilestoLocation method in the network management system allows a intruder to gain unauthorized access to file recording and execute arbitrary code. This vulnerability is present in Siemens SINEC NMS systems used for monitoring industrial networks.

The vulnerability of the unZipJarFilestoLocation method in the network management system for monitoring industrial networks of Siemens SINEC NMS is related to an incorrect limitation on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor, operati...

The vulnerability of the functional web frameworks WebMvc.fn and WebFlux.fn of the Spring Framework arises from incorrect path name restrictions for restricted directories. This allows attackers to gain access to any file in the file system.

The vulnerability of the functional web frameworks WebMvc.fn and WebFlux.fn of the Spring Framework is related to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to any file in t...

PT-2024-1178 · Nexo-Os · Nexo-Os

Name of the Vulnerable Software and Affected Versions: NEXO-OS affected versions not specified Description: The issue allows a remote attacker to download arbitrary files in all paths of the system under the context of the application OS user “root” via a crafted HTTP request. This is due to...

The vulnerability of the dialog/select_media.php implementation in the DedeCMS content management system allows attackers to read arbitrary files.

The vulnerability of the dialog/selectmedia.php implementation in the DedeCMS content management system is related to an incorrect restriction on the path to the restricted catalog. Exploiting this vulnerability could allow a malicious actor to read arbitrary files...

PT-2018-3182 · Neomutt +4 · Neomutt +4

Name of the Vulnerable Software and Affected Versions: NeoMutt versions prior to 2018-07-16 Description: An issue exists due to the improper restriction of '/' characters in the newsrc.c component, potentially leading to unsafe interactions with cache pathnames. This could allow a remote attacker...

The vulnerability of the NetCharts Server data visualization platform allows a hacker to write arbitrary files.

The vulnerability in the saveFile.jsp file of the NetCharts Server deployment tool exists due to an incorrect restriction on the path name for the restricted access directory. Exploiting this vulnerability allows a malicious actor to write any files they desire...