Lucene search
K

21413 matches found

Nuclei
Nuclei
added 13 hours ago41 views

Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion

A directory traversal vulnerability in the Foobla Suggestions comfooblasuggestions component 1.5.1.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. id: CVE-2010-2920 info: name: Joomla! Component Foobla...

6.8CVSS6.1AI score0.05688EPSS
Exploits2References5
Nuclei
Nuclei
added 13 hours ago30 views

Joomla! Component JotLoader 2.2.1 - Local File Inclusion

A directory traversal vulnerability in the JotLoader comjotloader component 2.2.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php. id: CVE-2010-4617 info: name: Joomla! Component JotLoader 2.2.1 - Local File...

6.8CVSS6.1AI score0.08571EPSS
Exploits2References5
Nuclei
Nuclei
added 13 hours ago62 views

Motorola SBV6120E SURFboard Digital Voice Modem SBV6X2X-1.0.0.5-SCM - Directory Traversal

Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem SBV6120E running firmware SBV6X2X-1.0.0.5-SCM-02-SHPC allow remote attackers to read arbitrary files via 1 "//" multiple leading slash, 2 ../ dot dot sequences, and encoded dot dot sequences in a URL...

5CVSS7.4AI score0.08604EPSS
Exploits1References5
Nuclei
Nuclei
added 13 hours ago41 views

Joomla! Component jesectionfinder - Local File Inclusion

A directory traversal vulnerability in the JExtensions JE Section/Property Finder jesectionfinder component for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the view parameter to index.php. id: CVE-2010-2680 info: name: Joomla!...

6.8CVSS6.2AI score0.04848EPSS
Exploits1References5
Nuclei
Nuclei
added 13 hours ago87 views

phpMyAdmin 5.0.2 - CRLF Injection

phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astring%0D%0A inputs to login form fields causing CRLF sequences to be reflected on an error page. NOTE: the vendor states "I don't see anything specifically exploitable. id: CVE-2020-11441 info: name: phpMyAdmin 5.0.2 - CRLF Injecti...

6.1CVSS6.8AI score0.02312EPSS
Exploits1References2
Nuclei
Nuclei
added 13 hours ago31 views

Solara <1.35.1 - Local File Inclusion

A Local File Inclusion LFI vulnerability was identified in widgetti/solara, in version 1.35.1, which was fixed in version 1.35.1. This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences such as '../' when serving static files. ...

8.6CVSS7.3AI score0.02884EPSS
Exploits0References3
Nuclei
Nuclei
added 13 hours ago20 views

Joomla! Component JRadio - Local File Inclusion

A directory traversal vulnerability in JRadio comjradio component before 1.5.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. id: CVE-2010-4719 info: name: Joomla! Component JRadio - Local File Inclusion...

7.5CVSS6.1AI score0.15786EPSS
Exploits2References5
Nuclei
Nuclei
added 13 hours ago69 views

Cisco Unified Communications Manager 7/8/9 - Directory Traversal

A directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal sequences in an unspecified input string, aka Bug ID CSCui78815 id: CVE-2013-5528 info: name:...

8.1CVSS7.3AI score0.88559EPSS
Exploits22References4
Nuclei
Nuclei
added 13 hours ago61 views

Zyxel VMG1312-B10D 5.13AAXA.8 - Local File Inclusion

Zyxel VMG1312-B10D 5.13AAXA.8 is susceptible to local file inclusion. A remote unauthenticated attacker can send a specially crafted URL request containing "dot dot" sequences /../, conduct directory traversal attacks, and view arbitrary files. id: CVE-2018-19326 info: name: Zyxel VMG1312-B10D...

7.5CVSS6.9AI score0.09759EPSS
Exploits1References5
Nuclei
Nuclei
added 13 hours ago50 views

Joomla! Plugin Core Design Scriptegrator - Local File Inclusion

A directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files...

7.5CVSS7.3AI score0.15242EPSS
Exploits1References5
Nuclei
Nuclei
added 13 hours ago36 views

Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion

A directory traversal vulnerability in the JE Form Creator comjeformcr component for Joomla!, when magicquotesgpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NOTE -- the original researcher states that the...

4.3CVSS6.1AI score0.06429EPSS
Exploits1References5
Nuclei
Nuclei
added 13 hours ago10 views

Hippoo Mobile App for WooCommerce <= 1.7.1 - Unauthenticated Arbitrary File Read

The Hippoo Mobile App for WooCommerce plugin for WordPress is vulnerable to Path Traversal in all versions up to and including 1.7.1 via the templateredirect function. The plugin registers 'hippooserve' as a WordPress query variable and uses it to serve PWA files from the pwa/ directory. In...

7.5CVSS6AI score0.02056EPSS
Exploits0References3
Nuclei
Nuclei
added 13 hours ago12 views

Spring Framework - Path Traversal

Spring Framework MVC applications deployed as WAR or with embedded Servlet containers that do not reject suspicious URI sequences and serve static resources with Spring resource handling contain a path traversal vulnerability, letting attackers access unauthorized files, exploit requires...

5.9CVSS6.5AI score0.01916EPSS
Exploits1References4
Nuclei
Nuclei
added 13 hours ago26 views

mTheme Unus < 2.3 - Directory Traversal

The mTheme-Unus theme for WordPress, prior to version 2.3, contained a directory traversal flaw that let attackers access arbitrary files. This was possible by exploiting the files parameter in css/css.php with .. sequences. id: CVE-2015-9406 info: name: mTheme Unus 2.3 - Directory Traversal...

7.5CVSS7.2AI score0.55008EPSS
Exploits1References4
Nuclei
Nuclei
added 13 hours ago9 views

White Star Software ProTop - Directory Traversal

A directory traversal vulnerability was discovered in White Star Software Protop version 4.4.2-2024-11-27, specifically in the /pt3upd/ endpoint. An unauthenticated attacker can remotely read arbitrary files on the underlying OS using encoded traversal sequences. id: CVE-2025-44177 info: name:...

8.2CVSS7.3AI score0.04173EPSS
Exploits3References4
Nuclei
Nuclei
added 13 hours ago43 views

Joomla! Component FDione Form Wizard 1.0.2 - Local File Inclusion

A directory traversal vulnerability in the Dione Form Wizard aka FDione or comdioneformwizard component 1.0.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. id: CVE-2010-2045 info: name: Joomla! Component...

7.5CVSS6.1AI score0.08931EPSS
Exploits2References4
Nuclei
Nuclei
added 13 hours ago114 views

Microweber < 1.2.11 - CRLF Injection

CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11. id: CVE-2022-0666 info: name: Microweber 1.2.11 - CRLF Injection author: ritikchaddha severity: high description: | CRLF Injection leads to Sta...

7.6CVSS7AI score0.44259EPSS
Exploits1References3
Nuclei
Nuclei
added 13 hours ago38 views

SolarView Compact < 6.00 - Directory Traversal

SolarView Compact before version 6.00 is vulnerable to directory traversal via the file parameter in downloader.php. An unauthenticated attacker can read arbitrary files from the system by using path traversal sequences with a null byte bypass to access sensitive files such as /etc/passwd. id:...

7.5CVSS7.2AI score0.02885EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added yesterday12 views

Security Bulletin: Multiple Vulnerabilities in IBM Cloud Pak System

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak System version 2.3.6.1 and IBM Cloud Pak System version 2.3.5.1. Vulnerability Details CVEID:CVE-2025-0395 DESCRIPTION: When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for...

9.4CVSS7.5AI score0.63258EPSS
Exploits12Affected Software4
IBM Security Bulletins
IBM Security Bulletins
added yesterday24 views

Security Bulletin: Multiple Vulnerabilities in IBM Library Support for Spring

Summary Multiple vulnerabilities were addressed in IBM Library Support for Spring 2.7 Vulnerability Details CVEID:CVE-2025-41249 DESCRIPTION: The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super typ...

8.1CVSS7.4AI score0.54862EPSS
Exploits11Affected Software1
Rows per page
Query Builder