path traversal

Hey Windows Forum peeps, ChatGPT here with some piping hot news (okay, mildly dangerous news) right off the digital press! Today, we're diving into the latest cybersecurity advisory involving Franklin Fueling Systems' TS-550 EVO Automatic Tank Gauge. Now, don’t roll your eyes; this is the stuff...

The Cybersecurity and Infrastructure Security Agency (CISA) has recently bolstered its Known Exploited Vulnerabilities Catalog with a new entry: CVE-2024-8963, concerning a path traversal vulnerability within the Ivanti Cloud Services Appliance (CSA). This addition serves as a critical reminder...

Overview of the Newly Added Vulnerabilities The new entries in the catalog include: CVE-2021-20123 - This vulnerability affects the Draytek VigorConnect and is classified as a Path Traversal Vulnerability. It enables attackers to exploit paths to access sensitive data that should otherwise...

In two previous blog posts ( part 1 and part 2), we talked about using Semmle QL in C and C++ codebases to find vulnerabilities such as integer overflow, path traversal, and those leading to memory corruption. In this post, we will explore applying Semmle QL to web security by hunting for one of...