CVE-2018-19041 – Media File Manager <= 1.4.2 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-19041
The Media File Manager plugin 1.4.2 for WordPress allows XSS via the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI. El plugin Media File Manager 1.4.2 para WordPress permite Cross-Site Scripting (XSS) en el parámetro dir de una acción mrelocator_getdir en el URI wp-admin/admin-ajax.php. • https://www.exploit-db.com/exploits/45809 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-9206 – Tajer <= 1.0.5 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2018-9206
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0 Vulnerabilidad de subida de archivos arbitrarios sin autenticar en Blueimp jQuery-File-Upload en versiones iguales o anteriores a la v9.22.0. The Tajer for WordPress is vulnerable to arbitrary file uploads due to inclusion of a vulnerable version of the Blueimp jQuery-File-Upload library in versions up to, and including, 1.0.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible. Blueimp jQuery File Upload versions 9.22.0 and below suffer from a remote file upload vulnerability. • https://www.exploit-db.com/exploits/45790 https://www.exploit-db.com/exploits/46182 https://www.exploit-db.com/exploits/45584 https://github.com/Den1al/CVE-2018-9206 https://github.com/mi-hood/CVE-2018-9206 http://www.securityfocus.com/bid/105679 http://www.securityfocus.com/bid/106629 http://www.vapidlabs.com/advisory.php?v=204 https://wpvulndb.com/vulnerabilities/9136 https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html https://github.com/blue • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2018-17095 – audiofile: Heap-based buffer overflow in Expand3To4Module::run() when running sfconvert
https://notcve.org/view.php?id=CVE-2018-17095
An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert. Se ha descubierto un problema en mpruett Audio File Library (también conocido como audiofile) versiones 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. Ha ocurrido un desbordamiento de búfer basado en memoria dinámica (heap) en Expand3To4Module::run al ejecutar sfconvert • https://github.com/mpruett/audiofile/issues/50 https://github.com/mpruett/audiofile/issues/51 https://usn.ubuntu.com/3800-1 https://access.redhat.com/security/cve/CVE-2018-17095 https://bugzilla.redhat.com/show_bug.cgi?id=1631088 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2018-16549
https://notcve.org/view.php?id=CVE-2018-16549
HScripts PHP File Browser Script v1.0 allows Directory Traversal via the index.php path parameter. HScripts PHP File Browser Script v1.0 permite salto de directorio mediante el parámetro path en index.php. • https://packetstormsecurity.com/files/149204 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2014-2079
https://notcve.org/view.php?id=CVE-2014-2079
X File Explorer (aka xfe) might allow local users to bypass intended access restrictions and gain access to arbitrary files by leveraging failure to use directory masks when creating files on Samba and NFS shares. X File Explorer (también conocido como xfe) podría permitir que usuarios locales omitan las restricciones de acceso planeadas y obtengan acceso a archivos arbitrarios aprovechando el error a la hora de emplear máscaras de directorio al crear archivos en las comparticiones Samba y NFS. • http://www.openwall.com/lists/oss-security/2014/02/24/5 http://www.securityfocus.com/bid/65748 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739536 https://bugzilla.redhat.com/show_bug.cgi?id=1069066 https://exchange.xforce.ibmcloud.com/vulnerabilities/91519 • CWE-264: Permissions, Privileges, and Access Controls •