Security Headlines

Tag: #php

GHSA-9v3j-4j64-p937: OroPlatform vulnerable to path traversal during temporary file manipulations

### Impact

Path Traversal is possible in `Oro\Bundle\GaufretteBundle\FileManager::getTemporaryFileName`. With this method, an attacker can pass the path to a non-existent file, which will allow writing the content to a new file that will be available during script execution. The file will be deleted immediately after the script ends.

### Workarounds

Apply patch

```patch
--- a/vendor/oro/platform/src/Oro/Bundle/GaufretteBundle/FileManager.php +++ b/vendor/oro/platform/src/Oro/Bundle/GaufretteBundle/FileManager.php @@ -614,6 +614,10 @@ */ public function getTemporaryFileName(string $suggestedFileName = null): string { + if ($suggestedFileName) { + $suggestedFileName = basename($suggestedFileName); + } + $tmpDir = ini_get('upload_tmp_dir'); if (!$tmpDir || !is_dir($tmpDir) || !is_writable($tmpDir)) { $tmpDir = sys_get_temp_dir(); 
```

Or decorate `Oro\Bundle\GaufretteBundle\FileManager::getTemporaryFileName` in yo...
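Review bot: the added `basename($suggestedFileName)` guard removes directory components, but `basename()` passes `.` and `..` through unchanged (`basename('..')` returns `..`) and can return an empty string for a value that is only separators, so the suggested name should also be rejected when the result is empty, `.` or `..` (falling back to a generated name) so that the temporary file always ends up inside the `$tmpDir` chosen on the following lines. Style point on the unchanged signature line: `string $suggestedFileName = null` relies on implicit nullability, which PHP 8.4 deprecates; write it as `?string $suggestedFileName = null`.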

Tags: ghsa, #git, #php
CVE-2023-46349: [CVE-2023-46349] Improper neutralization of SQL parameter in MyPrestaModules - Product Catalog (CSV, Excel) Export/Update module for PrestaShop

In the module "Product Catalog (CSV, Excel) Export/Update" (updateproducts) < 3.8.5 from MyPrestaModules for PrestaShop, a guest can perform SQL injection. The method `productsUpdateModel::getExportIds()` has sensitive SQL calls that can be executed with a trivial HTTP call and exploited to forge a SQL injection.

CVE-2023-48188: [CVE-2023-48188] Improper neutralization of SQL parameter in Opart Devis for PrestaShop

SQL injection vulnerability in PrestaShop opartdevis v.4.5.18 thru v.4.6.12 allows a remote attacker to execute arbitrary code via a crafted script to the getModuleTranslation function.

CVE-2023-49030: vulnerability/32ns-KLive-SQL-user.php.md at main · Chiaki2333/vulnerability

SQL Injection vulnerability in 32ns KLive v.2019-1-19 and before allows a remote attacker to obtain sensitive information via a crafted script to the web/user.php component.

CVE-2022-41951: Path traversal possible during temporary file manipulations

OroPlatform is a PHP Business Application Platform (BAP) designed to make development of custom business applications easier and faster. Path Traversal is possible in `Oro\Bundle\GaufretteBundle\FileManager::getTemporaryFileName`. With this method, an attacker can pass the path to a non-existent file, which will allow writing the content to a new file that will be available during script execution. This vulnerability has been fixed in version 5.0.9.

GHSA-jpr7-q523-hx25: phpseclib vulnerable to denial of service

In Math/BinaryField.php in phpseclib before 3.0.34, excessively large degrees in binary fields can lead to a denial of service.

CVE-2023-49316: Math/BinaryField: fix for excessively large degrees · phpseclib/phpseclib@964d781

In Math/BinaryField.php in phpseclib before 3.0.34, excessively large degrees can lead to a denial of service.

CVE-2023-5604

The Asgaros Forum WordPress plugin before 2.7.1 allows forum administrators, who may not be WordPress (super-)administrators, to set insecure configuration that allows unauthenticated users to upload dangerous files (e.g. .php, .phtml), potentially leading to remote code execution.

CVE-2023-49029: GitHub - smpn1smg/absis: Sistem Akademik K13/KTSP Berbasis Web

Cross Site Scripting vulnerability in smpn1smg absis v.2017-10-19 and before allows a remote attacker to execute arbitrary code via the nama parameter in the lock/lock.php file.

TitanNit Web Control 2.01 / Atemio 7600 Root Remote Command Execution

The Atemio AM 520 HD Full HD satellite receiver has a vulnerability that enables an unauthorized attacker to execute system commands with elevated privileges. This exploit is facilitated through the use of the getcommand query within the application, allowing the attacker to gain root access. Firmware versions 2.01 and below are affected.