9 matches found
MINI-87HG-QRCP-WX9X
Bulletin has no description...
CVE-2022-26315
qrcp through 0.8.4, in receive mode, allows ../ Directory Traversal via the file name specified by the uploader...
Directory Traversal
github.com/claudiodangelis/qrcp, is vulnerable to directory traversal. The vulnerability exists due to a lack of sanitization in the receive mode allowing an attacker to access unauthorized resources via file name...
CVE-2022-26315
qrcp through 0.8.4, in receive mode, allows ../ Directory Traversal via the file name specified by the uploader...
CVE-2022-26315
qrcp through 0.8.4, in receive mode, allows ../ Directory Traversal via the file name specified by the uploader...
CVE-2022-26315
qrcp through 0.8.4, in receive mode, allows ../ Directory Traversal via the file name specified by the uploader...
Directory traversal
qrcp through 0.8.4, in receive mode, allows ../ Directory Traversal via the file name specified by the uploader...
CVE-2022-26315
qrcp through 0.8.4, in receive mode, allows ../ Directory Traversal via the file name specified by the uploader...
CVE-2022-26315
CVE-2022-26315 affects qrcp (up to version 0.8.4) in receive mode and is due to inadequate sanitization that allows directory traversal via the uploader-specified filename. This can enable access to parent directories if exploited. Root cause and impact are stated in multiple sources (Red Hat, NV...