12 matches found
EUVD-2024-31912
Malicious code in bioql PyPI...
Copeland E2 Facility Management Systems 安全漏洞
Copeland E2 Facility Management Systems is an industrial facility control system from Copeland Corporation. A security vulnerability exists in Copeland E2 Facility Management Systems that stems from improper handling of proprietary protocols, which could lead to unauthorized file manipulation...
CVE-2025-4430 Unauthorized file manipulation in EZD RP
Unauthorized access to "/api/Token/gettoken" endpoint in EZD RP allows file manipulation.This issue affects EZD RP in versions before 20.19 published on 22nd August 2024...
Unauthorized File Manipulation
ansiblecore is vulnerable to Unauthorized File Manipulation. The vulnerability is due to the user module allowing an unprivileged user with directory traversal permissions to create or replace files on any system path and gain ownership when a privileged user executes the module against the...
CVE-2024-20477
Cisco CVE-2024-20477 concerns an unauthorized REST API endpoint in Cisco Nexus Dashboard Fabric Controller (NDFC). An authenticated, low-privilege, remote attacker could bypass authorization on this endpoint and upload files into a specific container or delete files from a folder within that cont...
Infinera Transcend Network Management System 安全漏洞
Infinera Transcend Network Management System Infinera TNMS is a powerful element, network, and service management system from Infinera USA. A security vulnerability exists in Infinera Transcend Network Management System version 19.10.3, which stems from a WebDAV service that allows a low-privileg...
CVE-2024-3322
A path traversal vulnerability exists in the 'cybersecurity/codeguard' native personality of the parisneo/lollms-webui, affecting versions up to 9.5. The vulnerability arises from the improper limitation of a pathname to a restricted directory in the 'processfolder' function within...
CVE-2024-3322 Path Traversal in parisneo/lollms-webui
A path traversal vulnerability exists in the 'cybersecurity/codeguard' native personality of the parisneo/lollms-webui, affecting versions up to 9.5. The vulnerability arises from the improper limitation of a pathname to a restricted directory in the 'processfolder' function within...
CVE-2024-3322 Path Traversal in parisneo/lollms-webui
A path traversal vulnerability exists in the 'cybersecurity/codeguard' native personality of the parisneo/lollms-webui, affecting versions up to 9.5. The vulnerability arises from the improper limitation of a pathname to a restricted directory in the 'processfolder' function within...
CVE-2023-38501 copyparty vulnerable to reflected cross-site scripting via k304 parameter
copyparty is file server software. Prior to version 1.8.7, the application contains a reflected cross-site scripting via URL-parameter ?k304=... and ?setck=.... The worst-case outcome of this is being able to move or delete existing files on the server, or upload new files, using the account of t...
Unspecified Vulnerability in McAfee VirusScan Enterprise
McAfee VirusScan Enterprise VSE is a suite of antivirus software from the American company McAfee. The software provides a full range of security protection, scans memory for malicious code and optimizes updates for remote systems. A security vulnerability exists in McAfee VSE versions prior to 8...
Flatnuke 3 - Remote Command Execution / Privilege Escalation
--------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg --------------------------------------------------------------- Flatnuke 3...