
17 matches found

OSV, added 2025/11/17 7:11 p.m., 2 views

GO-2025-4091 Jellysweep uses uncontrolled data in image cache API endpoint in github.com/jon4hz/jellysweep

8.9 CVSS, 6.9 AI score, 0.00072 EPSS
Exploits: 0, References: 3
Veracode, added 2025/09/30 7:04 a.m., 2 views

Arbitrary File Creation

github.com/charmbracelet/soft-serve is vulnerable to Arbitrary file creation. The vulnerability is due to uncontrolled data being written through its SSH API, which allows an attacker to create or override arbitrary files...

7.7 CVSS, 7.2 AI score, 0.00116 EPSS
Exploits: 0, References: 2, Affected Software: 1
OSV, added 2024/09/23 10:05 p.m., 7 views

GHSA-3HP8-6J24-M5GM Duplicate Advisory: Camaleon CMS vulnerable to remote code execution through code injection (GHSL-2024-185)

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-7x4w-cj9r-h4v9. This link is maintained to preserve external references. Original Description The actions defined inside of the MediaController class do not check whether a given path is inside a certain path e....

7.3 AI score
Exploits: 0, References: 3
NVD, added 2024/09/02 6:15 p.m., 13 views

CVE-2024-45388

Hoverfly is a lightweight service virtualization / API simulation / API mocking tool for developers and testers. The /api/v2/simulation POST handler allows users to create new simulation views from the contents of a user-specified file. This feature can be abused by an attacker to read arbitrary...

7.5 CVSS, 0.93631 EPSS
Exploits: 3, References: 4
Vulnrichment, added 2024/09/02 4:07 p.m., 17 views

CVE-2024-45388 Arbitrary file read in the `/api/v2/simulation` endpoint in hoverfly (`GHSL-2023-274`)

Hoverfly is a lightweight service virtualization / API simulation / API mocking tool for developers and testers. The /api/v2/simulation POST handler allows users to create new simulation views from the contents of a user-specified file. This feature can be abused by an attacker to read arbitrary...

7.5 CVSS, 6.8 AI score, 0.93631 EPSS
Exploits: 3, References: 4
CVE, added 2024/09/02 4:07 p.m., 107 views

CVE-2024-45388

Hoverfly (Git SpectoLabs) contains a path traversal vulnerability in the /api/v2/simulation POST handler that lets unauthenticated attackers read arbitrary files from the server by supplying a specially crafted bodyFile parameter (e.g., ../../../../etc/passwd). The implementation attempts to join...

7.5 CVSS, 7.2 AI score, 0.93631 EPSS
In wild; Exploits: 3, References: 4, Affected Software: 1
OSV, added 2024/08/09 6:24 p.m., 8 views

GHSA-PCWP-26PW-J98W CometVisu Backend for openHAB has a path traversal vulnerability

openHAB's CometVisuServlet is susceptible to an unauthenticated path traversal vulnerability. Local files on the server can be requested via HTTP GET on the CometVisuServlet. This vulnerability was discovered with the help of CodeQL's Uncontrolled data used in path expression query. Impact This...

6.9 CVSS, 6.3 AI score, 0.01555 EPSS
Exploits: 0, References: 5
Cvelist, added 2024/01/12 9:08 p.m., 10 views

CVE-2023-49801 Lif Auth Server vulnerable to uncontrolled data in path expression

Lif Auth Server is a server for validating logins, managing information, and account recovery for Lif Accounts. The issue relates to the getpfp and getbanner routes on Auth Server. The issue is that there is no check to ensure that the file that Auth Server is receiving through these URLs is...

4.2 CVSS, 7.6 AI score, 0.00321 EPSS
Exploits: 0, References: 2
Vulnrichment, added 2024/01/12 9:08 p.m., 5 views

CVE-2023-49801 Lif Auth Server vulnerable to uncontrolled data in path expression

Lif Auth Server is a server for validating logins, managing information, and account recovery for Lif Accounts. The issue relates to the getpfp and getbanner routes on Auth Server. The issue is that there is no check to ensure that the file that Auth Server is receiving through these URLs is...

4.2 CVSS, 6.8 AI score, 0.00321 EPSS
Exploits: 0, References: 2
Cvelist, added 2023/05/27 3:47 a.m., 9 views

CVE-2023-33188 Uncontrolled data used in content resolution

Omni-notes is an open source note-taking application for Android. The Omni-notes Android app had an insufficient path validation vulnerability when displaying the details of a note received through an externally-provided intent. The paths of the note's attachments were not properly validated,...

6.3 CVSS, 6.3 AI score, 0.00222 EPSS
Exploits: 0, References: 1
Cvelist, added 2022/08/29 4:50 p.m., 12 views

CVE-2022-36034 Possible Regular Expression Denial of Service (ReDoS) used on uncontrolled data in nitrado.js

nitrado.js is a type safe wrapper for the Nitrado API. Possible ReDoS with lib input of and with many repetitions of |. This issue has been patched in all versions above 0.2.5. There are currently no known workarounds...

7.5 CVSS, 7.7 AI score, 0.00334 EPSS
Exploits: 0, References: 2
OSV, added 2022/08/29 4:50 p.m., 3 views

CVE-2022-36034 Possible Regular Expression Denial of Service (ReDoS) used on uncontrolled data in nitrado.js

nitrado.js is a type safe wrapper for the Nitrado API. Possible ReDoS with lib input of and with many repetitions of |. This issue has been patched in all versions above 0.2.5. There are currently no known workarounds...

7.5 CVSS, 6.8 AI score, 0.00334 EPSS
Exploits: 0, References: 4
GithubExploit, added 2022/02/07 11:18 p.m., 562 views

Exploit for Out-of-bounds Read in Microsoft

POC CVE-2022-21877 This repository contains a POC for the CVE...

5.5 CVSS, 7.2 AI score, 0.14993 EPSS
Exploits: 1
Prion, added 2020/06/03 2:15 p.m., 11 views

Remote code execution

Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...

7.5 CVSS, 9.8 AI score, 0.27848 EPSS
Exploits: 4, References: 4, Affected Software: 1
Debian CVE, added 2020/06/03 1:46 p.m., 3 views

CVE-2020-13756

Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...

9.8 CVSS, 9.9 AI score, 0.27848 EPSS
Exploits: 4
0day.today, added 2020/06/03 12:00 a.m., 93 views

Sabberworm PHP CSS Code Injection Vulnerability

Exploit for php platform in category web applications. Sabberworm PHP CSS parser - Code injection. Identifiers: CVE-2020-13756. CVSSv3 score...

7.5 CVSS, 0.3 AI score, 0.27848 EPSS
Exploits: 4
OSV, added 2018/04/19 6:29 p.m., 1 view

CVE-2018-10236

POSCMS 3.2.18 allows remote attackers to execute arbitrary PHP code via the diy\dayrui\controllers\admin\Syscontroller.php 'add' function because an attacker can control the value of $data'name' with no restrictions, and this value is written to the FCPATH.$file file...

7.2 CVSS, 6.1 AI score
Exploits: 0, References: 1