Show CWE-73: External Control of File Name or Path - CXSecurity.com

	Topic	Date	Author
Med.	Trend Micro ServerProtect Disclosure / CSRF / XSS	26.05.2017	Multiple
Med.	Cisco Firepower Threat Management Console Local File Inclusion	06.10.2016	Matt Bergin
High	PLANET IP LFI / CSRF / XSS / Authentication Bypass	17.05.2016	Orwelllabs
High	Arris DG1670A Cable Modem Remote Command Execution	14.02.2016	Matt Bergin
Med.	SAP Business Objects Unauthorized File Repository Server Read	26.02.2015	Onapsis
Med.	SAP Business Objects Unauthorized File Repository Server Write	26.02.2015	Onapsis

CVEMAP Search Results

CVE

Details

Description

2021-10-22

	CVE-2021-38475	Updating...	The database connection to the server is performed by calling a specific API, which could allow an unprivileged user to gain SYSDBA permissions.
	CVE-2021-38477	Updating...	There are multiple API function codes that permit reading and writing data to or from files and directories, which could lead to the manipulation and/or the deletion of files.

2021-10-18

Low

CVE-2021-36097

Vendor: OTRS
Software: OTRS

Agents are able to lock the ticket without the "Owner" permission. Once the ticket is locked, it could be moved to the queue where the agent has "rw" permissions and gain a full control. This issue affects: OTRS AG OTRS 8.0.x version: 8.0.16 and prior versions.

2021-10-08

Medium

CVE-2021-41974

Vendor: Tad book3 project
Software: Tad book3

Tad Book3 editing book page does not perform identity verification. Remote attackers can use the vulnerability to view and modify arbitrary content of books without permission.

2021-10-06

Low

CVE-2021-34758

Vendor: Cisco
Software: Telepresence...

A vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, local attacker to corrupt a shared memory segment, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient access controls to a shared memory resource. An attacker could exploit this vulnerability by corrupting a shared memory segment on an affected device. A successful exploit could allow the attacker to cause the device to reload. The device will recover from the corruption upon reboot.

2021-10-05

Low

CVE-2021-39889

Vendor: Gitlab
Software: Gitlab

In all versions of GitLab EE since version 14.1, due to an insecure direct object reference vulnerability, an endpoint may reveal the protected branch name to a malicious user who makes a crafted API call with the ID of the protected branch.

2021-10-04

Low

CVE-2021-39868

Vendor: Gitlab
Software: Gitlab

In all versions of GitLab CE/EE since version 8.12, an authenticated low-privileged malicious user may create a project with unlimited repository size by modifying values in a project export.

2021-10-01

Medium	CVE-2021-3747	Updating...	The MacOS version of Multipass, version 1.7.0, fixed in 1.7.2, accidentally installed the application directory with incorrect owner.
Medium	CVE-2020-21014	Vendor: Emlog Software: Emlog	emlog v6.0.0 contains an arbitrary file deletion vulnerability in admin/plugin.php.

2021-09-23

Medium

CVE-2021-41428

Vendor: Datev
Software: Framework li...

Insecure permissions in Update Manager <= 5.8.0.2300 and DFL <= 12.5.1001.5 in DATEV programs v14.1 allows attacker to escalate privileges via insufficient configuration of service components.

Copyright 2021, cxsecurity.com