5 matches found
CVE-2005-1847
Multiple buffer overflows in YaMT before 0.52 allow attackers to execute arbitrary code via the 1 rename or 2 sort options...
SUSE CVE-2005-1847
Multiple buffer overflows in YaMT before 0.52 allow attackers to execute arbitrary code via the 1 rename or 2 sort options...
SUSE CVE-2005-1846
Multiple directory traversal vulnerabilities in YaMT before 0.52 allow attackers to overwrite arbitrary files via the 1 rename or 2 sort options...
CVE-2020-15779
A Path Traversal issue was discovered in the socket.io-file package through 2.0.31 for Node.js. The socket.io-file::createFile message uses path.join with ../ in the name option, and the uploadDir and rename options determine the path...
GHSA-9H4G-27M8-QJRG Path Traversal in socket.io-file
All versions of socket.io-file are vulnerable to Path Traversal. The package fails to sanitize user input and uses it to generate the file upload paths. The socket.io-file::createFile message contains a name option that is passed directly to path.join. It is possible to upload files to arbitrary...