CVE-2019-15843
A malicious file upload vulnerability was discovered in Xiaomi Millet mobile phones 1-6.3.9.3. A man-in-the-middle attacker could write files or read privileged data.
Source: CVE-2019-15843
CVE-2018-1847
IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) v2.0.0.0 through 2.0.0.5, v2.1.0.0 through 2.1.0.4, v2.1.1.0 through 2.1.1.4, and v3.0.0.0 through 3.0.0.8 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 150946.
Source: CVE-2018-1847
CVE-2019-16399
Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to access the /admin/ directory without credentials. An attacker can easily enable SSH from /admin/system_advanced.php?lang=en and login with the default root password welc0me.
Source: CVE-2019-16399
CVE-2019-16403
In Webkul Bagisto before 0.1.5, the functionalities for customers to change their own values (such as address, review, orders, etc.) can also be manipulated by other customers.
Source: CVE-2019-16403
CVE-2019-16216
Zulip server before 2.0.5 incompletely validated the MIME types of uploaded files. A user who is logged into the server could upload files of certain types to mount a stored cross-site scripting attack on other logged-in users. On a Zulip server using the default local uploads backend, the attack is only effective against browsers lacking support for Content-Security-Policy such as Internet Explorer 11. On a Zulip server using the S3 uploads backend, the attack is confined to the origin of the configured S3 uploads hostname and cannot reach the Zulip server itself.
Source: CVE-2019-16216
CVE-2016-10994
The Truemag theme 2016 Q2 for WordPress has XSS via the s parameter.
Source: CVE-2016-10994
CVE-2016-10995
The Tevolution plugin before 2.3.0 for WordPress has arbitrary file upload via single_upload.php or single-upload.php.
Source: CVE-2016-10995
CVE-2019-16215
The Markdown parser in Zulip server before 2.0.5 used a regular expression vulnerable to exponential backtracking. A user who is logged into the server could send a crafted message causing the server to spend an effectively arbitrary amount of CPU time and stall the processing of future messages.
Source: CVE-2019-16215
CVE-2019-16396
GnuCOBOL 2.2 has a use-after-free in the end_scope_of_program_name() function in cobc/parser.y via crafted COBOL source code.
Source: CVE-2019-16396
CVE-2019-16395
GnuCOBOL 2.2 has a stack-based buffer overflow in the cb_name() function in cobc/tree.c via crafted COBOL source code.
Source: CVE-2019-16395