See SEL Service Bulletin dated for more details.ĭHIS2 Core contains the service layer and Web API for DHIS2, an information system for data capture. WJJ Software - InnoKB Server, InnoKB/Console 2.2.1 - CWE-22: Path TraversalĪgilePoint NX v8.0 SU2.2 & SU2.3 - Path traversal - Vulnerability allows path traversal and downloading files from the server, by an unspecified request.Īn Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to create folders in arbitrary paths of the file system. Through the file sharing feature, it is possible to share an arbitrary directory, such as /tmp or /etc, because there is no server-side restriction to limit sharing to the USB path. Tar/TarFileReader.cpp in Cauldron cbang before bastet-v8.1.17 has a directory traversal during extraction that allows the attacker to create or write to files outside the current directory via a crafted tar archive.Ī path traversal issue was discovered on GL.iNet devices before 3.216. This occurs in frontend/web/middleware/static-theme.js. Ghost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2F.%2F.%2F/ directory traversal.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |