Author: Cyberthreat Blog

Directory Traversal exists in RAR 4.x and 5.x because an unpack operation follows any symlinks, including symlinks contained in the archive. This allows remote attackers to write to arbitrary files via a crafted archive.

A directory traversal vulnerability exists in coreadminajaxdeveloperextensionsfile-browser.php in BigTree CMS through 4.2.18 on Windows, allowing attackers to read arbitrary files via .. sequences in the directory...

A cross-site request forgery vulnerability in Lenovo Service Bridge before version 4 could be exploited by an attacker with access to the DHCP server used by the system where LSB is installed.

Directory traversal vulnerability in tools.file_open in Odoo 8.0, 9.0, and 10.0 allows remote authenticated users to read arbitrary local files readable by the Odoo service.

In Lenovo Service Bridge before version 4, a user with local privileges on a system could execute code with administrative privileges.