EUVD-2021-1017

Malware in sbrugna...

CVE-2022-36904

Jenkins Repository Connector Plugin 2.2.0 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...

PT-2025-21651 · Qt Company · Qt

Name of the Vulnerable Software and Affected Versions: Qt versions prior to 5.15.19 Qt versions 6.0.0 through 6.5.8 Qt versions 6.6.0 through 6.8.1 Description: The issue arises from the use of the GetTempPath API, which can be exploited by attackers to manipulate temporary file paths, potentiall...

CVE-2024-35345

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts unidentified code within the file /classes/Users.php. Manipulating the argument id results in cross-site scripting...

CVE-2021-20030

SonicWall GMS is vulnerable to file path manipulation resulting that an unauthenticated attacker can gain access to web directory containing application's binaries and configuration files...

FineCms 免费版任意文件上传漏洞

路径：dayrui/libraries/Chart/ofcuploadimage.php $defaultpath = '../tmp-upload-images/'; if !fileexists$defaultpath mkdir$defaultpath, 0777, true; $destination = $defaultpath . basename $GET 'name' ; echo 'Saving your image to: '. $destination; $jfh = fopen$destination, 'w' or die"can't open file";...