Lavalite version 9.0.0 suffers from a path traversal vulnerability.
d6085d1df4bbceda7849d49a14e340d1311171cc8e2f1b42c855dce50beb5675ABUS Security Camera version TVIP 20000-21150 suffers from local file inclusion, hardcoded credential, and command injection vulnerabilities. When coupled together, they can be leveraged to achieve remote access as root via ssh.
92decaa3308d461393dc637c13861ced7bcb4cd43a2c333235f9835ee562ecb9Device Manager Express versions 7.8.20002.47752 and below suffer from code execution, command execution, cross site scripting, remote SQL injection, and traversal vulnerabilities.
9f6dbcbbd09678c80d311d3e820d1c82de2bd7a04264742755ac9d8302b00c0fKardex Mlog MCC version 5.7.12+0-a203c2a213-master suffers from a file inclusion vulnerability that allows for remote code execution.
960e6d130eb7b30180562e91395b84ea4b20026b7ec3c0ea3b55a62820151341ChiKoi version 1.0 suffers from a directory traversal vulnerability.
f6f4c9a329aacc62158437feb049e556fbc94806ccce29cccc65207d028728aaOn January 16, 2023, the Wordfence Threat Intelligence team responsibly disclosed several vulnerabilities in Quick Restaurant Menu, a WordPress plugin that allows users to set up restaurant menus on their sites. This plugin is vulnerable to missing authorization, insecure direct object reference, cross site request forgery as well as cross site scripting in versions up to, and including, 2.0.2.
e3ba7e7e5a2df6cde42d9ee75f8bec79e5251c694adb11dfae0969e813acffdbOpenText Extended ECM versions 16.2.2 through 22.3 suffer from arbitrary file deletion, information disclosure, local file inclusion, and privilege escalation vulnerabilities.
878b6d4e07e3ca1216865ef2e9312235d0ef20675c4ac011f7949b86a24ac5afWordPress Slider Revolution plugin version 4.9.2 suffers from a directory traversal vulnerability.
b974aee33a66e29925be0ab29843b305b114f9a63e635ad75ca2c10d50af3474WordPress Slider Revolution plugin version 4.6.5 suffers from a directory traversal vulnerability.
c0ad551826885e99515a7f31a6660bf3f6f546a33382b918ec3a80f8f2c57bbcWordPress Slider Revolution plugin version 4.1.3 suffers from a directory traversal vulnerability.
83b023ff748b63a814933d6674398e32e4fb2ba5c520cc7997e01b2a23da875cWordPress Slider Revolution plugin version 4.1.2 suffers from a directory traversal vulnerability.
d3b71e6cca26b526cd8c1ef3f9be1a645c838d5b2349fa4c8be240892908d108WordPress Slider Revolution plugin version 3.0.8 suffers from a directory traversal vulnerability.
129c075ad285b288723e5f16312e3c90c87bccd10a3436f09ab9fdb5cfb03d53Hughes Satellite Router contains a cross-frame scripting via remote file inclusion vulnerability that may potentially be exploited by malicious users to compromise an affected system. This vulnerability may allow an unauthenticated malicious user to misuse frames, include JS/HTML code and steal sensitive information from legitimate users of the application. Affected versions include HX200 8.3.1.14, HX90 6.11.0.5, HX50L 6.10.0.18, HN9460 8.2.0.48, and HN7000S 6.9.0.37.
01732a937c344613efd7c1ef744f546511c874deecd845ef0ca2d232baf0e177ILIAS eLearning versions 7.15 and below suffer from authenticated command injection, persistent cross site scripting, local file inclusion, and open redirection vulnerabilities.
ee31da97db0bda4a3b42019ff3e199e34d24625e0b83fa1d18f2b97da9c2728cA directory traversal vulnerability in the SevenZipFile.extractall() function of the python library py7zr versions 0.20.0 and earlier allows attackers to read arbitrary files on the local machine via a malicious 7z file extraction.
7aa7ca72652dab91234127d8332a19316f0f61be17e1c626e65aae18d9435347Drupal H5P Module versions 2.0.0 and below suffer from a traversal vulnerability when handling a zipped filename on windows.
29cd61d23f4b78dbb93cdc479cba570c70b094e72db31910170d0c3eb73d58f8AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 suffers from a path traversal vulnerability.
a78de92013681ef6d9eab5f28cda6712397f5a30d67a7a27854785925a87f96aSAP Manufacturing Execution Core versions 15.1 through 15.3 suffer from a path traversal vulnerability.
d2c66b61de7a4021d8a7f4c40b09c163f1f708ce3aa8581767e5edaefd4cc198PhotoSync version 4.7 suffers from a local file inclusion vulnerability.
f5e6b3cd183e91afacf647b3547160e0d93026087e059f1843c8761cd5e32985Owlfiles File Manager version 12.0.1 suffers from local file inclusion and path traversal vulnerabilities.
5e1df728b64bebf1797218fca034b9eeed532e773c31131307d679d65b406b40InTouch Access Anywhere Secure Gateway versions 2020 R2 and below suffer from a path traversal vulnerability.
c9873dff912c339fc99f6c1c0d26c32ecee59d977893de8864d051af5bba5038@Drive version 2.8 suffers from a local file inclusion vulnerability.
1c242342304c59d9a82db2eb45e80f971e783004a6b81e805655fb5adc09c690FE File Explorer version 11.0.4 suffers from a local file inclusion vulnerability.
9596719bde6a381ce9f18435b2517e8ecf2d1838ab031974d2c37d361f760254FTPManager version 8.2 suffers from local file inclusion and directory traversal vulnerabilities.
3e761447e17269780279f6f239a28cde76f4d7d642e4fd2bf87303f7df3f583cWifi HD Wireless Disk Drive version 11 suffers from a local file inclusion vulnerability.
b20518edc15d62d991e82375c15b066d88b50865b9271eeedc4ac3a8e580a204
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed