26 matches found
CVE-2022-23794
An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application...
jenkins: The operations FilePath#renameTo and FilePath#moveAllChildrenTo only check read permission on the source path
An incorrect permissions validation vulnerability was found in Jenkins. The operations FilePathrenameTo and FilePathmoveAllChildrenTo only check read permission on the source path which may allow an attacker who has access to these operations to be able to read and write to arbitrary files on the...
jenkins: The operations FilePath#renameTo and FilePath#moveAllChildrenTo only check read permission on the source path
An incorrect permissions validation vulnerability was found in Jenkins. The operations FilePathrenameTo and FilePathmoveAllChildrenTo only check read permission on the source path which may allow an attacker who has access to these operations to be able to read and write to arbitrary files on the...
Server side request forgery (ssrf)
FilePathrenameTo and FilePathmoveAllChildrenTo in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier only check 'read' agent-to-controller access permission on the source path, instead of 'delete'...
Mediawiki 1.18.0 Information Disclosure
CVE-2014-1686 -- Information disclosure: webserver source path in Mediawiki 1.18.0 When a user create a new file eg: image with a name containing , it leads to webserver file path disclosure, after having uploaded the file, when thumbail creation occurs. I did not succeed in obtained remote shell...
PhFiTo 1.3.0 (SRC_PATH) Remote File Inclusion Vulnerability
No description provided by source. ?????????? ??????????????? ??????????????????? ??????????????????????? ?????????????????????????? ?????????????????????????????? ????????????????????????????????? ??????????????????????????????????? ?????????????????????????????????????...