CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

715 matches found

CVE-2016-20080

WordPress Brandfolder plugin version 3.0 and earlier contains a local file inclusion vulnerability in callback.php that allows unauthenticated attackers to include arbitrary files by manipulating the wpabspath parameter. Attackers can supply path traversal sequences or remote URLs through the...

6.9CVSS

Exploits0References4

EUVD•added yesterday•4 views

EUVD-2016-10893

WordPress Plugin HB Audio Gallery Lite 1.0.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary files by manipulating the filepath parameter. Attackers can send requests to the audio-download.php endpoint with directory traversal sequences to acces...

8.7CVSS5.4AI score

Exploits0References3

EUVD•added yesterday•4 views

EUVD-2016-10892

6.9CVSS5.6AI score

Exploits0References4

CVE•added yesterday•6 views

CVE-2016-20081

HB Audio Gallery Lite 1.0.0 (WordPress) has a path traversal in audio-download.php via the file_path parameter that allows unauthenticated access to arbitrary files outside the gallery directory (e.g., wp-config.php). Root cause: inadequate validation of the file_path input. The connected documen...

8.7CVSS5.5AI score

Exploits0References3

EUVD•added 3 days ago•7 views

EUVD-2026-36644

The Store Locator WordPress plugin before 1.6.9 does not validate a parameter before using it in a file path, allowing high-privileged users such as administrators to read arbitrary .php files from the server, including configuration files that contain database credentials and authentication keys...

5.5AI score0.00219EPSS

Exploits0References1

Positive Technologies•added 3 days ago•7 views

PT-2026-49080

Name of the Vulnerable Software and Affected Versions Store Locator WordPress plugin versions prior to 1.6.9 Description Insufficient validation of a parameter used in a file path allows high-privileged users, such as administrators, to read arbitrary .php files from the server. This can lead to...

3.4CVSS5.5AI score0.00219EPSS

Exploits0References6

CNNVD•added 6 days ago•2 views

Roxy-WI 注入漏洞

Roxy-WI is an open-source web interface designed for managing Haproxy, Nginx, and Keepalived servers. Versions of Roxy-WI 8.2.6.4 and earlier have a vulnerability that stems from the getldapemail function, which constructs LDAP search filters using f-string concatenation. The username URL path...

4.9CVSS5.4AI score0.00234EPSS

Exploits0References2

EUVD•added 2026/06/08 1:55 a.m.•6 views

EUVD-2022-56000

WordPress Plugin admin-word-count-column 2.2 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting null byte injection in the path parameter. Attackers can send GET requests to download-csv.php with a crafted path parameter containing...

6.9CVSS5.6AI score0.00313EPSS

Exploits0References3

ATTACKERKB•added 2026/06/08 1:55 a.m.•6 views

CVE-2022-50953

6.9CVSS5.6AI score0.00313EPSS

Exploits0References3Affected Software1

RedhatCVE•added 2026/06/05 7:46 p.m.•5 views

CVE-2026-6381

The WP Maps WordPress plugin before 4.9.3 does not properly sanitize a parameter before using it in a file path, allowing authenticated users to perform Local File Inclusion attacks...

7.5CVSS5.4AI score0.00394EPSS

Exploits0References1

CVE•added 2026/06/05 6:6 p.m.•18 views

CVE-2026-45750

Summary: CVE-2026-45750 affects Termix prior to 2.3.2. The flaw is in the GET /ssh/file_manager/ssh/resolvePath endpoint of the Termix File Manager, where the path parameter is embedded into a shell command executed in the active SSH session. User-controlled input is placed inside double quotes w...

9CVSS5.5AI score0.00234EPSS

Exploits1References2Affected Software1

CNNVD•added 2026/06/05 12:0 a.m.•1 views

Termix 安全漏洞

Termix is a server management platform developed by Karmaa’s individual developers. Versions of Termix prior to 2.3.2 contained security vulnerabilities. These vulnerabilities stemmed from the insecure handling of path parameters by the GET /ssh/filemanager/ssh/resolvePath endpoint, which caused...

9CVSS5.5AI score0.00234EPSS

Exploits1References3

NVD•added 2026/06/04 2:16 p.m.•7 views

CVE-2019-25727

WordPress Plugin ad manager wd 1.0.11 contains an arbitrary file download vulnerability that allows unauthenticated attackers to download sensitive files by manipulating the path parameter. Attackers can send GET requests to the edit.php endpoint with export=exportcsv and a malicious path paramet...

9.8CVSS0.00446EPSS

Exploits0References3

Cvelist•added 2026/06/04 1:22 p.m.•33 views

CVE-2019-25727 WordPress Plugin ad manager wd 1.0.11 Arbitrary File Download

9.8CVSS0.00446EPSS

Exploits0References3

Vulnrichment•added 2026/06/04 1:22 p.m.•8 views

CVE-2019-25727 WordPress Plugin ad manager wd 1.0.11 Arbitrary File Download

9.8CVSS5.9AI score0.00446EPSS

Exploits0References3

EUVD•added 2026/06/04 1:22 p.m.•6 views

EUVD-2019-20163

9.8CVSS5.9AI score0.00446EPSS

Exploits0References3

ATTACKERKB•added 2026/06/04 1:22 p.m.•4 views

CVE-2019-25727

9.8CVSS5.9AI score0.00446EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2026/06/04 12:0 a.m.•10 views

PT-2026-46197

9.8CVSS5.9AI score0.00446EPSS

Exploits0References4

Snyk•added 2026/05/29 7:18 p.m.•5 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection in the path query parameter of the volume browser endpoint, which is passed unsanitized to a shell command. An attacker can execute arbitrary commands within the helper container by injecting shell metacharacters into...

6.3CVSS6AI score0.0021EPSS

Exploits0References2

Snyk•added 2026/05/29 7:18 p.m.•5 views

Command Injection

6.3CVSS6AI score0.0021EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by