NodeBB 1.0.4 - 1.18.4 Path Traversal Vulnerability

NodeBB is prone to a path traversal vulnerability in the translator module. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

NodeBB vulnerable to path traversal in translator module

Impact Prior to v1.18.5, a path traversal vulnerability was present that allowed users to access JSON files outside of the expected languages/ directory. Patches The vulnerability has been patched as of v1.18.5. Workarounds Cherry-pick commit hash c8b2fc46dc698db687379106b3f01c71b80f495f to recei...

CVE-2021-43788 Path traversal in translator module of NobeBB

Nodebb is an open source Node.js based forum software. Prior to v1.18.5, a path traversal vulnerability was present that allowed users to access JSON files outside of the expected languages/ directory. The vulnerability has been patched as of v1.18.5. Users are advised to upgrade as soon as...

CVE-2007-5492

Static code injection vulnerability in the translation module translator.php in SiteBar 3.3.8 allows remote authenticated users to execute arbitrary PHP code via the value parameter...

CVE-2007-5491

Directory traversal vulnerability in the translation module translator.php in SiteBar 3.3.8 allows remote authenticated users to chmod arbitrary files to 0777 via ".." sequences in the lang parameter...

CVE-2007-5491

Directory traversal vulnerability in the translation module translator.php in SiteBar 3.3.8 allows remote authenticated users to chmod arbitrary files to 0777 via ".." sequences in the lang parameter...