15 matches found
CVE-2024-29893
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of ArgoCD starting from v2.4 have a bug where the ArgoCD repo-server component is vulnerable to a Denial-of-Service attack vector. Specifically, it's possible to crash the repo server component through an out o...
CVE-2022-31827
CVE-2022-31827 affects MonstaFTP v2.10.3, with a Server-Side Request Forgery (SSRF) via the function performFetchRequest in HTTPFetcher.php. The vulnerability description across sources consistently identifies SSRF as the issue; related entries (NVD, Red Hat, PRION, CVE lists) corroborate this a...
Monsta FTP code issue vulnerability
Monsta FTP is a modern web interface for FTP. A security vulnerability exists in Monsta FTP version v2.10.3, which stems from a server-side request forgery (SSRF) vulnerability discovered via the performFetchRequest function in HTTPFetcher.php...
Monstaftp server-side request forgery vulnerability
Monstaftp is a modern Web interface for FTP. Version v2.10.3 of Monstaftp is vulnerable to server-side request forgery, which stems from the product's failure to properly validate user input and can be exploited by attackers to probe server intranet resources...
Monstaftp arbitrary file upload vulnerability
Monstaftp is a modern Web interface for FTP. Version v2.10.3 of Monstaftp is vulnerable to arbitrary file upload, which stems from the application's lack of proper validation of uploaded files. An attacker could exploit this vulnerability to execute arbitrary code via a crafted fi...
CVE-2022-27468
Monstaftp v2.10.3 was discovered to contain an arbitrary file upload which allows attackers to execute arbitrary code via a crafted file uploaded to the web server...
CVE-2022-27469
Monstaftp v2.10.3 was discovered to allow attackers to execute Server-Side Request Forgery (SSRF)...
CVE-2022-27469
Monstaftp v2.10.3 was discovered to allow attackers to execute Server-Side Request Forgery (SSRF)...
Server-side request forgery (SSRF)
Monstaftp v2.10.3 was discovered to allow attackers to execute Server-Side Request Forgery (SSRF)...
CVE-2022-27469
MonstaFTP v2.10.3 is affected by CVE-2022-27469, a Server-Side Request Forgery (SSRF) vulnerability. The RedHat/CNVD/CNNVD and NVD entries describe that the issue arises from improper input validation, enabling an attacker to cause SSRF and potentially access internal resources. The NVD notes CVS...
CVE-2022-27469
Monstaftp v2.10.3 was discovered to allow attackers to execute Server-Side Request Forgery (SSRF)...
CVE-2022-27468
Monstaftp v2.10.3 was discovered to contain an arbitrary file upload which allows attackers to execute arbitrary code via a crafted file uploaded to the web server...
CVE-2022-27468
Summary: CVE-2022-27468 affects MonstaFTP v2.10.3, where an arbitrary file upload vulnerability in the web interface allows an attacker to execute arbitrary code on the server via a crafted upload. Affected software: MonstaFTP web UI (version 2.10.3). Vulnerability details: The root cause is lack...
CVE-2022-1034 There is an Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in star7th/showdoc
There is an Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in GitHub repository star7th/showdoc prior to 2.10.4...
There is an Unrestricted Upload of File vulnerability in ShowDoc v2.10.3
Description There is an Unrestricted Upload of File vulnerability in AdminUpdateController.class.php in ShowDoc v2.10.3 Proof of Concept POST /showdoc-2.10.3/server/index.php?s=/api/adminUpdate/download HTTP/1.1 Host: 10.211.55.5 Content-Length: 66 Accept: application/json, text/plain, / User-Agen...