16 matches found
EUVD-2025-10959
Malicious code in bioql PyPI...
CVE-2023-27881
A user could use the “Upload Resource” functionality to upload files to any location on the disk...
CVE-2023-27881
A user could use the “Upload Resource” functionality to upload files to any location on the disk...
CVE-2023-27881
A user could use the “Upload Resource” functionality to upload files to any location on the disk...
CVE-2023-27881
CVE-2023-27881 affects PTC Vuforia Studio. Affected: Vuforia Studio (all versions prior to 9.9). Vulnerability: Unrestricted Upload of File with Dangerous Type via the Upload Resource feature allows a user to upload files to arbitrary locations on disk. Impact: potential unauthorized file placeme...
PT-2023-21392 · Ptc · Vuforia Studio
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A user could use the “Upload Resource” functionality to upload files to any location on the disk. There is no additional information about the estimated...
PTC Vuforia Studio 代码问题漏洞
PTC Vuforia Studio is an easy-to-use, web-native tool from PTC for authoring domain and task-specific experiences. These experiences provide integrated views of digital and physical product data, dashboards, and alerts through 2D, 3D, and augmented reality. A code issue vulnerability exists in PT...
GHSA-9VM3-R8GQ-CR6X Casdoor arbitrary file write vulnerability
Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource...
Casdoor arbitrary file write vulnerability
Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource...
CVE-2022-38638
Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource...
CVE-2022-38638
Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource...
CVE-2022-38638
Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource...
Arbitrary file deletion
Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource...
PT-2022-24495 · Casdoor · Casdoor
Name of the Vulnerable Software and Affected Versions: Casdoor version 1.97.3 Description: The issue is related to an arbitrary file write vulnerability. This vulnerability can be exploited via the fullFilePath parameter at the "/api/upload-resource" API endpoint. Recommendations: For Casdoor...
Casdoor 路径遍历漏洞
Casdoor is an open source Identity and Access Management IAM / Single Sign-On SSO platform with a Web UI that supports OAuth 2.0 / OIDC and SAML authentication. A security vulnerability exists in Casdoor v1.97.3, which is caused by an arbitrary file write vulnerability via the fullFilePath...
CVE-2018-20241
The Edit upload resource for a review in Atlassian Fisheye and Crucible before version 4.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the wbuser parameter...