The manipulation of the argument FileDirectory leads to absolute path traversal. This issue affects some unknown processing of the file \Service\FileHandler.ashx. Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in cgi component in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote attackers to read specific files via unspecified vectors.Ī vulnerability, which was classified as problematic, has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. The content retrieved is however limited to the first line of the file.
The Orders Tracking for WooCommerce WordPress plugin before 1.2.6 doesn't validate the file_url parameter when importing a CSV file, allowing high privilege users with the manage_woocommerce capability to access any file on the web server via a Traversal attack. The identifier VDB-238637 was assigned to this vulnerability. The exploit has been disclosed to the public and may be used. The manipulation of the argument filePath leads to path traversal. This issue affects some unknown processing of the file PrintTemplateFileServlet.java. Relative Path Traversal in GitHub repository mintplex-labs/anything-llm prior to 0.0.1.Ī vulnerability, which was classified as critical, has been found in Yongyou UFIDA-NC up to 20230807.
0 kommentar(er)
