Samsung MagicINFO 9 Server - File Upload & Remote Code Execution

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority. id: CVE-2025-4632 info: name: Samsung MagicINFO 9 Server - File Upload & Remote Code Execution author: s4e-i...

EUVD-2016-2087

Malware in sbrugna...

EUVD-2024-48615

Malicious code in bioql PyPI...

EUVD-2022-43298

Malicious code in bioql PyPI...

EUVD-2023-0441

Malicious code in bioql PyPI...

CVE-2024-7738

A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0. Affected by this issue is some unknown functionality of the component Markdown File Handler. The manipulation leads to pathname traversal. Attacking locally is a requirement. The exploit has...

CVE-2016-15017

A vulnerability has been found in fabarea mediaupload on TYPO3 and classified as critical. This vulnerability affects the function getUploadedFileList of the file Classes/Service/UploadFileService.php. The manipulation leads to pathname traversal. Upgrading to version 0.9.0 is able to address thi...

CVE-2015-10030

A vulnerability has been found in SUKOHI Surpass and classified as critical. This vulnerability affects unknown code of the file src/Sukohi/Surpass/Surpass.php. The manipulation of the argument dir leads to pathname traversal. Upgrading to version 1.0.0 is able to address this issue. The patch is...

CVE-2024-7738

A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0. Affected by this issue is some unknown functionality of the component Markdown File Handler. The manipulation leads to pathname traversal. Attacking locally is a requirement. The exploit has...

CVE-2024-7738

A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0. Affected by this issue is some unknown functionality of the component Markdown File Handler. The manipulation leads to pathname traversal. Attacking locally is a requirement. The exploit has...

CVE-2024-7738

The CVE-2024-7738 entry affects yzane vscode-markdown-pdf 1.5.0 (Markdown File Handler) and describes a pathname traversal vulnerability exploitable with local access. Several connected sources confirm the issue, with exploitation disclosed publicly (POCs/videos referenced). The root cause is unk...

CVE-2024-7738 yzane vscode-markdown-pdf Markdown File pathname traversal

A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0. Affected by this issue is some unknown functionality of the component Markdown File Handler. The manipulation leads to pathname traversal. Attacking locally is a requirement. The exploit has...

CVE-2024-7738 yzane vscode-markdown-pdf Markdown File pathname traversal

A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0. Affected by this issue is some unknown functionality of the component Markdown File Handler. The manipulation leads to pathname traversal. Attacking locally is a requirement. The exploit has...

PT-2024-38546

Name of the Vulnerable Software and Affected Versions: yzane vscode-markdown-pdf version 1.5.0 Description: A problematic issue has been found in the Markdown File Handler component, leading to pathname traversal. The manipulation requires a local attack. The exploit has been disclosed to the...

CVE-2016-15017

A vulnerability has been found in fabarea mediaupload on TYPO3 and classified as critical. This vulnerability affects the function getUploadedFileList of the file Classes/Service/UploadFileService.php. The manipulation leads to pathname traversal. Upgrading to version 0.9.0 is able to address thi...

CVE-2016-15017

A vulnerability has been found in fabarea mediaupload on TYPO3 and classified as critical. This vulnerability affects the function getUploadedFileList of the file Classes/Service/UploadFileService.php. The manipulation leads to pathname traversal. Upgrading to version 0.9.0 is able to address thi...

Design/Logic Flaw

A vulnerability has been found in fabarea mediaupload on TYPO3 and classified as critical. This vulnerability affects the function getUploadedFileList of the file Classes/Service/UploadFileService.php. The manipulation leads to pathname traversal. Upgrading to version 0.9.0 is able to address thi...

CVE-2016-15017

CVE-2016-15017 concerns the TYPO3 extension fabarea media_upload, specifically the function getUploadedFileList in Classes/Service/UploadFileService.php. The vulnerability enables pathname traversal due to input handling in that function, with a critical impact reported (C/H/I/A = high). A fixed ...

CVE-2016-15017 fabarea media_upload UploadFileService.php getUploadedFileList pathname traversal

A vulnerability has been found in fabarea mediaupload on TYPO3 and classified as critical. This vulnerability affects the function getUploadedFileList of the file Classes/Service/UploadFileService.php. The manipulation leads to pathname traversal. Upgrading to version 0.9.0 is able to address thi...

PT-2023-10336 · Unknown · Fabarea Media Upload

Name of the Vulnerable Software and Affected Versions: fabarea media upload versions prior to 0.9.0 Description: A critical vulnerability has been found in the function getUploadedFileList of the file Classes/Service/UploadFileService.php, which leads to pathname traversal. Recommendations: For...