Plexus anblick Digital Signage Management 3.1.13 Open Redirect

Plexus anblick Digital Signage Management 3.1.13 pagina param Open Redirect Vendor: Plexus Product web page: https://www.plexus.es https://www.plexus.es/wp-content/uploads/2020/06/PLEXUSANBLICK.pdf Affected version: 3.1.13 Summary: Advanced multiplatform digital signage solution. Reproduction of...

Plexus anblick Digital Signage Management 3.1.13 (pagina param) Open Redirect

Summary Advanced multiplatform digital signage solution. Reproduction of multimedia content in a visual and impressive way. Adaptable to any use and to various types of screen or display. Description Input passed via the 'pagina' GET parameter in 'PantallaLogin' script is not properly verified...

new module: maven:3.6

An update is available for apache-commons-io, atinject, jsr-305, maven-shared-utils, plexus-cipher, aopalliance, plexus-classworlds, guava, apache-commons-cli, plexus-containers, plexus-sec-dispatcher, httpcomponents-client, maven-resolver, apache-commons-lang3, plexus-interpolation, sisu,...

NewStart CGSL CORE 5.04 / MAIN 5.04 : plexus-archiver Vulnerability (NS-SA-2019-0041)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has plexus-archiver packages installed that are affected by a vulnerability: - A path traversal vulnerability has been discovered in plexus-archiver when extracting a carefully crafted zip file which holds path traversal file...

Arbitrary File Write

Plexus Archiver Component is vulnerable to zip-slip vulnerability. The vulnerability exists when the attacker inputs a malicious zip archive with filenames including file traversal characters such as dot dot .., leading to concatenation of file path locating outside of the destination folder...

Updated plexus-archiver packages fix security vulnerability

A path traversal vulnerability has been discovered in plexus-archiver when extracting a carefully crafted zip file which holds path traversal file names. A remote attacker could use this vulnerability to write files outside the target directory and overwrite existing files with malicious code or...

MGASA-2019-0005 Updated plexus-archiver packages fix security vulnerability

A path traversal vulnerability has been discovered in plexus-archiver when extracting a carefully crafted zip file which holds path traversal file names. A remote attacker could use this vulnerability to write files outside the target directory and overwrite existing files with malicious code or...

Fedora 28 : plexus-archiver (2018-7a9a2f6ec0)

Security fix: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file CVE-2018-1002200 A path traversal vulnerability has been discovered in plexus-archiver when extracting a carefully crafted zip file which holds path traversal file names. A remote attack...

plexus-archiver directory traversal vulnerability

plexus-archiver is a library for compression/decompression. A directory traversal vulnerability exists in plexus-archiver versions prior to 3.6.0. An attacker can exploit this vulnerability by writing to a file with a specially crafted zip archive file with a directory traversal name...

Directory traversal

plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

CVE-2018-1002200

plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

UBUNTU-CVE-2018-1002200

plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

DEBIAN-CVE-2018-1002200

plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

CVE-2018-1002200

plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

CVE-2018-1002200

CVE-2018-1002200 affects plexus-archiver prior to 3.6.0, which is vulnerable to a directory traversal (Zip-Slip) that allows an attacker extracting a crafted archive to write to arbitrary files. Impact observed in multiple advisories: arbitrary file write/overwrite by exploiting zip entry path tr...

Amazon Linux 2 : plexus-archiver (ALAS-2018-1043)

A path traversal vulnerability has been discovered in plexus-archiver when extracting a carefully crafted zip file which holds path traversal file names. A remote attacker could use this vulnerability to write files outside the target directory and overwrite existing files with malicious code or...

Important: plexus-archiver

Issue Overview: A path traversal vulnerability has been discovered in plexus-archiver when extracting a carefully crafted zip file which holds path traversal file names. A remote attacker could use this vulnerability to write files outside the target directory and overwrite existing files with...

Fedora Update for plexus-archiver FEDORA-2018-6c55e1f79c

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for plexus-archiver FEDORA-2018-7a9a2f6ec0

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 27 : plexus-archiver (2018-6c55e1f79c)

Security fix: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file CVE-2018-1002200 A path traversal vulnerability has been discovered in plexus-archiver when extracting a carefully crafted zip file which holds path traversal file names. A remote attack...