Astra Linux - уязвимость в sqlite3

Before version 3.32.0, SQLite allowed a virtual table to be renamed to the name of one of its shadow tables, which are related to alter.c and build.c...

CVE-2025-34262

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/devices/name/agentid endpoint. When an authenticated user renames a device, the newname value is stored and later rendered in device listings or detail views without proper...

EUVD-2017-9574

Malware in sbrugna...

EUVD-2020-13834

Malware in sbrugna...

CVE-2020-21055

A Directory Traversal vulnerability exists in FusionPBX 4.5.7 allows malicoius users to rename any file of the system.via the 1 folder, 2 filename, and 3 newfilename variables in app\edit\filerename.php...

Design/Logic Flaw

Users of the LearnPress WordPress plugin before 4.1.5 can upload an image as a profile avatar after the registration. After this process the user crops and saves the image. Then a "POST" request that contains user supplied name of the image is sent to the server for renaming and cropping of the...

CVE-2020-5755

Webroot endpoint agents prior to version v9.0.28.48 did not protect the "%PROGRAMDATA%\WrData\PKG" directory against renaming. This could allow attackers to trigger a crash or wait upon Webroot service restart to rewrite and hijack dlls in this directory for privilege escalation...

Privilege escalation

Webroot endpoint agents prior to version v9.0.28.48 did not protect the "%PROGRAMDATA%\WrData\PKG" directory against renaming. This could allow attackers to trigger a crash or wait upon Webroot service restart to rewrite and hijack dlls in this directory for privilege escalation...

Improper access control

Improper access control in Groupfolders app 4.0.3 allowed to delete hidden directories when when renaming an accessible item to the same name...

File Renaming Vulnerability in YidaCMS Website Management System Backend

YidaCMS website management system is a simple, practical and efficient website builder. A file renaming vulnerability exists in the background of YidaCMS website management system, which can be exploited by an attacker to gain control of the web server...

WBCE CMS File Rename Filter Bypass Vulnerability

WBCE CMS is an open source content management system CMS based on PHP and MySQL. A security vulnerability exists in the admin/media/rename.php file in WBCE CMS 1.4.0 and earlier versions. An attacker can exploit the vulnerability to rename media file names and extensions to execute arbitrary PHP...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4594)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-4594 advisory. - ext4: always verify the magic number in xattr blocks Theodore Ts'o Orabug: 29437127 CVE-2018-10879 CVE-2018-10879 - ext4: add corruption check in...

Renaming Vulnerability in YidaCMS Web Management System JS 1.8.0 Version

YidaCMS website management system is a simple, practical and efficient website builder. A renaming vulnerability exists in version JS1.8.0 of the YidaCMS website management system, which allows an attacker to upload an image Trojan using the kingeditor editor employed by the website and rename th...

The vulnerability of the PowerShell command interpreter for Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of PowerShell command interpreters on Windows operating systems is related to improper handling of executable files during the renaming process. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2014-3834

OwnCloud CVE-2014-3834 affects OwnCloud Server prior to 6.0.3. The root cause is improper authorization checks where the service does not verify that a user has access permissions, allowing an authenticated user to (1) access another user’s contacts via the address book and (2) rename files via u...

CVE-2013-4321

The File Abstraction Layer FAL in TYPO3 6.0.x before 6.0.8 and 6.1.x before 6.1.4 allows remote authenticated editors to execute arbitrary PHP code via unspecified characters in the file extension when renaming a file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4250...

CVE-2005-0923

The SmartScan feature in the Auto-Protect module for Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service CPU consumption and system crash by renaming a file on a network share...