4 matches found
Admidio has IDOR in `documents-files.php` `mode=move_save` that lets any folder-uploader exfiltrate files from private folders
Summary modules/documents-files.php gates state-changing modes by checking that the actor has hasUploadRight on the URL parameter folderuuid. The movesave handler then operates on a separate URL parameter fileuuid and calls File::moveToFolder$destFolderUUID. File::moveToFolder checks the upload...
GHSA-X628-457G-2PW9 Admidio has IDOR in `documents-files.php` `mode=move_save` that lets any folder-uploader exfiltrate files from private folders
Summary modules/documents-files.php gates state-changing modes by checking that the actor has hasUploadRight on the URL parameter folderuuid. The movesave handler then operates on a separate URL parameter fileuuid and calls File::moveToFolder$destFolderUUID. File::moveToFolder checks the upload...
pfSense-pkg-WireGuard vulnerable to directory traversal
Overview pfSense-pkg-WireGuard provided by pfSense is an add-on package for pfSense CE and pfSense Plus. pfSense-pkg-WireGuard contains a directory traversal vulnerability CWE-22. Yutaka WATANABE of Ierae Security Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...
JVN#85572374: pfSense-pkg-WireGuard vulnerable to directory traversal
pfSense-pkg-WireGuard provided by pfSense is an add-on package for pfSense CE and pfSense Plus. pfSense-pkg-WireGuard contains a directory traversal vulnerability CWE-22. Impact pfSense users may view files in the private folders which they do not have privileges to access. Solution Update the...