Lucene search

1368 matches found

Cvelist
added 2019/10/07 11:45 a.m. · 18 views

CVE-2019-15751

An unrestricted file upload vulnerability in SITOS six Build v6.2.1 allows remote attackers to execute arbitrary code by uploading a SCORM file with an executable extension. This allows an unauthenticated attacker to upload a malicious file containing PHP code to execute operating system commands...

9.9 AI score · 0.0447 EPSS
Exploits: 0 · References: 1

Veracode
added 2019/08/29 6:42 a.m. · 11 views

Directory Traversal

public is vulnerable to a symbolic link attack. The application does not verify files before serving their contents in response to requests. This allows an attacker with local access to the web root to create a symbolic link to a system file within the web root, resulting in the remote access of the affected fil...

5.2 AI score
Exploits: 0

Veracode
added 2019/08/26 2:53 a.m. · 16 views

Directory Traversal

statichttpserver is vulnerable to directory traversal. The attack is possible because it does not validate the URL path name and uses it directly for the web root. An attacker providing a path name of ../ is allowed to list the chosen folder...

5.3 CVSS · 3.8 AI score · 0.01601 EPSS
Exploits: 1 · References: 1 · Affected Software: 1

Veracode
added 2019/07/11 6:1 a.m. · 12 views

Directory Traversal

http-file-server is vulnerable to directory traversal. It does not prevent the use of ../ in the URL path name, allowing an attacker to list any files or folders in another folder of the web root...

5.3 CVSS · 5.3 AI score · 0.01502 EPSS
Exploits: 1 · References: 1 · Affected Software: 1

CNVD
added 2019/07/04 12:0 a.m. · 2 views

EBK BKS Buskoppler Remote Code Execution Vulnerability

The BKS EBK Ethernet-Buskoppler Pro is an Ethernet bus coupler. A code issue vulnerability exists in BKS EBK Ethernet-Buskoppler Pro versions prior to 3.01. An attacker can exploit this vulnerability to overwrite a file under the web root path and run the added web shell...

10 CVSS · 7.1 AI score · 0.02197 EPSS
Exploits: 3 · References: 1

NVD
added 2019/07/01 7:15 p.m. · 20 views

CVE-2019-7669

Prima Systems FlexAir, Versions 2.3.38 and prior. Improper validation of file extensions when uploading files could allow a remote authenticated attacker to upload and execute malicious applications within the application’s web root with root privileges...

9 CVSS · 8.9 AI score · 0.31419 EPSS
Exploits: 2 · References: 4

Cvelist
added 2019/07/01 6:18 p.m. · 23 views

CVE-2019-7669

Prima Systems FlexAir, Versions 2.3.38 and prior. Improper validation of file extensions when uploading files could allow a remote authenticated attacker to upload and execute malicious applications within the application’s web root with root privileges...

8.5 AI score · 0.31419 EPSS
Exploits: 2 · References: 4

Veracode
added 2019/06/25 7:1 a.m. · 12 views

Directory Traversal

serve-here.js is vulnerable to directory traversal. The attack is possible because it allows adding ../ to the web root, listing any file in another folder of the web root...

5.3 CVSS · 5.3 AI score · 0.01502 EPSS
Exploits: 1 · References: 1 · Affected Software: 1

OSV
added 2019/06/14 4:39 p.m. · 1 views

GHSA-68GR-CMCP-G3MJ Directory Traversal in lactate

A crafted GET request can be leveraged to traverse the directory structure of a host using the lactate web server package, and request arbitrary files outside of the specified web root. This allows for a remote attacker to gain access to arbitrary files on the filesystem that the process has acce...

7.5 CVSS · 6 AI score
Exploits: 0 · References: 4

Prion
added 2019/05/29 5:29 p.m. · 16 views

Design/Logic Flaw

Remote code execution was discovered in Horde Groupware Webmail 5.2.22 and 5.2.17. Horde/Form/Type.php contains a vulnerable class that handles image upload in forms. When the HordeFormTypeimage method onSubmit is called on uploads, it invokes the functions getImage and getUpload, which uses...

6.5 CVSS · 8.9 AI score · 0.19165 EPSS
Exploits: 3 · References: 5 · Affected Software: 2

Debian CVE
added 2019/05/29 4:26 p.m. · 28 views

CVE-2019-9858

Remote code execution was discovered in Horde Groupware Webmail 5.2.22 and 5.2.17. Horde/Form/Type.php contains a vulnerable class that handles image upload in forms. When the HordeFormTypeimage method onSubmit is called on uploads, it invokes the functions getImage and getUpload, which uses...

8.8 CVSS · 9 AI score · 0.19165 EPSS
Exploits: 3

Prion
added 2019/05/20 12:29 a.m. · 23 views

Design/Logic Flaw

eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may result in remote command execution. An attacker can use a user account to fully compromise the system using a POST request. This will allow for PHP files to be written to the we...

9 CVSS · 9 AI score · 0.18106 EPSS
Exploits: 3 · References: 2 · Affected Software: 1

NVD
added 2019/05/20 12:29 a.m. · 54 views

CVE-2019-12185

eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may result in remote command execution. An attacker can use a user account to fully compromise the system using a POST request. This will allow for PHP files to be written to the we...

9 CVSS · 9 AI score · 0.18106 EPSS
Exploits: 3 · References: 2

OSV
added 2019/05/20 12:29 a.m. · 13 views

CVE-2019-12185

eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may result in remote command execution. An attacker can use a user account to fully compromise the system using a POST request. This will allow for PHP files to be written to the we...

8.8 CVSS · 7.7 AI score
Exploits: 0 · References: 2

Cvelist
added 2019/05/19 11:5 p.m. · 51 views

CVE-2019-12185

eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may result in remote command execution. An attacker can use a user account to fully compromise the system using a POST request. This will allow for PHP files to be written to the we...

9 AI score · 0.18106 EPSS
Exploits: 3 · References: 2

Positive Technologies
added 2019/05/19 12:0 a.m. · 5 views

PT-2019-12686 · Elabftw · Elabftw

Name of the Vulnerable Software and Affected Versions: eLabFTW version 1.8.5 Description: The issue allows for arbitrary file uploads via the /app/controllers/EntityController.php component, potentially resulting in remote command execution. An attacker can use a user account to fully compromise...

9 CVSS · 9 AI score · 0.18106 EPSS
Exploits: 3 · References: 5

Prion
added 2019/05/17 10:29 p.m. · 17 views

Design/Logic Flaw

ATutor through 2.2.4 is vulnerable to arbitrary file uploads via the mods/core/backups/upload.php aka backup component. This may result in remote command execution. An attacker can use the instructor account to fully compromise the system using a crafted backup ZIP archive. This will allow for PH...

9 CVSS · 9 AI score · 0.08749 EPSS
Exploits: 3 · References: 3 · Affected Software: 1

OSV
added 2019/05/17 10:29 p.m. · 10 views

CVE-2019-12170

ATutor through 2.2.4 is vulnerable to arbitrary file uploads via the mods/core/backups/upload.php aka backup component. This may result in remote command execution. An attacker can use the instructor account to fully compromise the system using a crafted backup ZIP archive. This will allow for PH...

8.8 CVSS · 7.7 AI score
Exploits: 0 · References: 3

Cvelist
added 2019/05/17 9:52 p.m. · 24 views

CVE-2019-12170

ATutor through 2.2.4 is vulnerable to arbitrary file uploads via the mods/core/backups/upload.php aka backup component. This may result in remote command execution. An attacker can use the instructor account to fully compromise the system using a crafted backup ZIP archive. This will allow for PH...

9 AI score · 0.08749 EPSS
Exploits: 3 · References: 3

Positive Technologies
added 2019/05/17 12:0 a.m. · 4 views

PT-2019-12676 · Atutor · Atutor

Name of the Vulnerable Software and Affected Versions: ATutor versions prior to 2.2.5 Description: The issue allows for arbitrary file uploads via the "mods/core/backups/upload.php" component, potentially resulting in remote command execution. An attacker can use an instructor account to fully...

9 CVSS · 9 AI score · 0.08749 EPSS
Exploits: 3 · References: 6