SonicJS up to v0.7.0 allows attackers to execute an authenticated path traversal when an attacker injects special characters into the filename of a backup CMS. A fix is available in version 3.06.2.ĬloudPanel v2.2.2 allows attackers to execute a path traversal. For a path traversal attack, the only characters required were the dot (`.`) and the slash (`/`).
The parameter location is not filtered, validated or sanitized and it accepts any kind of characters.
In versions 3.06 and prior, the file `panorama.pm` is vulnerable to a Path Traversal vulnerability which allows an attacker to upload a file to any folder which has write permissions on the affected system. Thruk is a multibackend monitoring webinterface which currently supports Naemon, Icinga, Shinken and Nagios as backends. OfflinePlayerService.exe in Harbinger Offline Player 4.0.6.0.2 allows directory traversal as LocalSystem via. This allows an unauthenticated remote user, when a crafted POST request is made against unauthenticated API routes, to access otherwise protected API routes leading to escalation of privileges and information disclosure. In Percona Monitoring and Management (PMM) server 2.x before 2.37.1, the authenticate function in auth_server.go does not properly formalize and sanitize URL paths to reject path traversal attempts. This vulnerability allows attackers to execute arbitrary code and perform a local file inclusion.ĭirectory traversal vulnerability in ujcms 6.0.2 allows attackers to move files via the rename feature. Fast and efficient file zipping and unzipping lets you create zip files of your important documents, images, music and more to save disk space, email, or burn to CD.Cmseasy v7.7.7.7 20230520 was discovered to contain a path traversal vulnerability via the add_action method at lib/admin/language_admin.php.
Also convert other files archives to zip files to easily open and extract from rar, tar, 7z, iso and more. You can compress files to reduce size for email transmission or conserve disk space.
Express Zip is an easy to use archiving and compression tool to create, edit, manage and extract zipped files and folders. Express Zip Software for file compression.
0 kommentar(er)
