External Control of File Name or Path vulnerability in Edgecross Basic Software for Windows versions 1.00 and later and Edgecross Basic Software for Developers versions 1.00 and later allows a malicio
Incorrect Default Permissions vulnerability in Edgecross Basic Software for Windows versions 1.00 and later and Edgecross Basic Software for Developers versions 1.00 and later allows a malicious local
An External Control of File Name or Path vulnerability in the APROL Web Portal used in B&R APROL <4.4-005P may allow an authenticated network-based attacker to access data from the file system.
External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.
External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network.
External Control of File Name or Path (CWE-73) in the Controller 6000 and Controller 7000 allows an attacker with local access to the Controller to perform arbitrary code execution.
This issue affec
PDW File Browser version 1.3 contains stored and reflected cross-site scripting vulnerabilities that allow authenticated attackers to inject malicious scripts through file rename and path parameters.
An external control of file name or path vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary system commands via a malicious file by
External control of file name or path issue exists in RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.242.0. If an attacker sends a specially crafted request, arbitrary files in the file system c
A vulnerability has been found in JCG Link-net LW-N915R 17s.20.001.908. Affected is an unknown function of the file /wireless/basic.asp of the component Wireless Basic Settings Page. The manipulation
A vulnerability was determined in D-Link DGS-3420 1.50.018. This issue affects some unknown processing of the component System Information Settings Page. This manipulation of the argument System Name
External Control of File Name or Path vulnerability in PlexTrac allows Local Code Inclusion through use of an undocumented API endpoint.This issue affects PlexTrac: from 1.61.3 before 2.8.1.
BYTEVALUE Intelligent Flow Control Router contains a command injection vulnerability via the /goform/webRead/open endpoint. The `path` parameter is not properly validated and is echoed into a shell co
Path traversal vulnerability exists in Lanscope Endpoint Manager (On-Premises) Sub-Manager Server Ver.9.4.7.3 and earlier, which may allow an attacker to tamper with arbitrary files and execute arbitr
A vulnerability, which was classified as critical, was found in Comodo Internet Security Premium 12.3.4.8162. Affected is an unknown function of the component File Name Handler. The manipulation of th
DLL search order hijacking vulnerability in the wave.exe executable for Windows 11, version 1.27.8. Exploitation of this vulnerability could allow attackers with local access to execute arbitrary code
A vulnerability, which was classified as problematic, was found in CampCodes Computer Laboratory Management System 1.0. This affects an unknown part of the file /class/edit/edit. The manipulation of t
WiFi File Transfer 1.0.8 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through file and folder names. Attackers can exploit the
Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem by abusing a path traversal vulnerability.
A vulnerability, which was classified as problematic, was found in Eastnets PaymentSafe 2.5.26.0. This affects an unknown part of the file /directRouter.rfc of the component Edit Manual Reply Handler.
Page 1+ Next →