Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the uniqueId parameter. An attacker can write files outside the intended media directory by setting the uniqueId to an absolute path when uploading a device image. Details A Directory Traversal attack also known ...

EUVD-2009-4340

Malware in sbrugna...

CVE-2024-9601

The Qubely – Advanced Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ and 'UniqueID' parameter in all versions up to, and including, 1.8.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

WordPress plugin Qubely – Advanced Gutenberg Blocks 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

EsafeNet CDG SQL注入漏洞

EsafeNet CDG is a document security management system from EsafeNet. A SQL injection vulnerability exists in EsafeNet CDG version 5, which stems from an incorrect manipulation of the UniqueId parameter that can lead to SQL injection...

Ipswitch WhatsUp Gold SQL Injection Vulnerability

Ipswitch WhatsUp Gold is a unified suite of infrastructure and application monitoring software. IPswitch WhatsUp Gold suffers from a SQL injection vulnerability. Failure to properly filter the 'UniqueID' parameter allows remote attackers to exploit the vulnerability to submit specially crafted SQ...

Avira Analysis Web Service SQL Injection

Title: ====== Avira Analysis Web Service - SQL Injection Vulnerability Date: ===== 2013-07-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=997 VL-ID: ===== 997 Common Vulnerability Scoring System: ==================================== 8.5 Abstract: ========= The...