pacman renames the downloaded package file to match the name given in this header. Pacman before 5.1.3 allows directory traversal when installing a remote package via a specified URL "pacman -U " due to an unsanitized file name received from a Content-Disposition header. (dot dot) in the framefile parameter.ĭirectory traversal vulnerability in WebAccess in Novell GroupWise before 8.03 allows remote attackers to read arbitrary files via the User.interface parameter.ĭirectory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via "." sequences in unknown vectors.
The Brizy Page Builder plugin =8.14, =13.4, =13.5, is used, directory traversal validation can be bypassed.ĭirectory traversal vulnerability in the agent HTTP interfaces in Novell GroupWise 8.0 before Support Pack before Support Pack 1 allows remote attackers to read arbitrary files via directory traversal sequences in a request.ĭirectory traversal vulnerability in frame.php in ol'bookmarks manager 0.7.5 allows remote attackers to include and execute arbitrary local files via a. The vulnerability exists because the affected software does not perform proper input validation o. Ī vulnerability in the web interface of Cisco Network Analysis Module Software could allow an unauthenticated, remote attacker to delete arbitrary files from an affected system, aka Directory Traversal. An attacker could exploit this vulnerability by using directory tra.
The vulnerability is due to insufficient input validation. Ī vulnerability in the web framework of the Cisco TelePresence IX5000 Series could allow an unauthenticated, remote attacker to access arbitrary files on an affected device. Directory Traversal using the filename SanitizeFilename function in settings.c."ĭirectory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.2 and 4.x before 4.1.14.2 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a. This is related to a patch described as "9 of 9. An issue was discovered in ytnef before 1.9.1.
0 kommentar(er)
