Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

20544 matches found

Vulnrichment
Vulnrichmentadded 2026/05/16 3:28 p.m.4 views

CVE-2021-47977 WordPress Anti-Malware Security Bruteforce Firewall <= 4.20.72 Directory Traversal

WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the file parameter. Attackers can send requests to the duplicatordownload action via admin-ajax.php wit...

8.7CVSS5.9AI score0.00561EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/16 3:28 p.m.4 views

CVE-2021-47977

WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the file parameter. Attackers can send requests to the duplicatordownload action via admin-ajax.php wit...

8.7CVSS5.9AI score0.00561EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/16 3:28 p.m.7 views

EUVD-2021-34837

WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the file parameter. Attackers can send requests to the duplicatordownload action via admin-ajax.php wit...

8.7CVSS5.9AI score0.00561EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/16 3:28 p.m.34 views

CVE-2021-47977 WordPress Anti-Malware Security Bruteforce Firewall <= 4.20.72 Directory Traversal

WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the file parameter. Attackers can send requests to the duplicatordownload action via admin-ajax.php wit...

8.7CVSS0.00561EPSS
Exploits0References4
CVE
CVEadded 2026/05/16 3:28 p.m.17 views

CVE-2021-47977

CVE-2021-47977 affects the WordPress plugin Anti-Malware Security and Bruteforce Firewall 4.20.59. It describes a directory traversal vulnerability where unauthenticated attackers can read arbitrary files by manipulating the file parameter via the duplicator_download action in admin-ajax.php, usi...

8.7CVSS5.9AI score0.00561EPSS
Exploits0References4
CVE
CVEadded 2026/05/16 3:26 p.m.8 views

CVE-2020-37246

The CVE affects the WordPress plugin Supsystic Backup 2.3.9 . A local file inclusion (LFI) flaw arises from manipulating the download parameter in admin.php with directory traversal sequences, enabling unauthenticated attackers to read arbitrary files (e.g., /etc/passwd) and to delete files via t...

6.9CVSS5.9AI score0.00028EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/16 3:26 p.m.5 views

CVE-2020-37246

Supsystic Backup 2.3.9 contains a local file inclusion vulnerability that allows unauthenticated attackers to read and delete arbitrary files by manipulating the download path parameter. Attackers can modify the download parameter in admin.php requests with directory traversal sequences to access...

6.9CVSS5.9AI score0.00028EPSS
Exploits0References4Affected Software1
EUVD
EUVDadded 2026/05/16 3:26 p.m.10 views

EUVD-2020-31246

Supsystic Backup 2.3.9 contains a local file inclusion vulnerability that allows unauthenticated attackers to read and delete arbitrary files by manipulating the download path parameter. Attackers can modify the download parameter in admin.php requests with directory traversal sequences to access...

6.9CVSS5.9AI score0.00028EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/16 3:26 p.m.4 views

CVE-2020-37246 WordPress Plugin Supsystic Backup 2.3.9 Local File Inclusion

Supsystic Backup 2.3.9 contains a local file inclusion vulnerability that allows unauthenticated attackers to read and delete arbitrary files by manipulating the download path parameter. Attackers can modify the download parameter in admin.php requests with directory traversal sequences to access...

6.9CVSS5.9AI score0.00028EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/16 3:26 p.m.29 views

CVE-2020-37246 WordPress Plugin Supsystic Backup 2.3.9 Local File Inclusion

Supsystic Backup 2.3.9 contains a local file inclusion vulnerability that allows unauthenticated attackers to read and delete arbitrary files by manipulating the download path parameter. Attackers can modify the download parameter in admin.php requests with directory traversal sequences to access...

6.9CVSS0.00028EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/16 3:26 p.m.4 views

CVE-2020-37245

Supsystic Digital Publications 1.6.9 contains a path traversal vulnerability in the Folder input field that allows attackers to access files outside the web root by injecting directory traversal sequences. Additionally, the plugin fails to sanitize input fields in publication settings, allowing...

8.7CVSS5.7AI score0.00158EPSS
Exploits0References4Affected Software1
EUVD
EUVDadded 2026/05/16 3:26 p.m.5 views

EUVD-2020-31247

Supsystic Digital Publications 1.6.9 contains a path traversal vulnerability in the Folder input field that allows attackers to access files outside the web root by injecting directory traversal sequences. Additionally, the plugin fails to sanitize input fields in publication settings, allowing...

8.7CVSS5.7AI score0.00158EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/16 3:26 p.m.28 views

CVE-2020-37245 WordPress Plugin Supsystic Digital Publications 1.6.9 Path Traversal XSS

Supsystic Digital Publications 1.6.9 contains a path traversal vulnerability in the Folder input field that allows attackers to access files outside the web root by injecting directory traversal sequences. Additionally, the plugin fails to sanitize input fields in publication settings, allowing...

8.7CVSS0.00158EPSS
Exploits0References4
CVE
CVEadded 2026/05/16 3:26 p.m.9 views

CVE-2020-37245

Supsystic Digital Publications 1.6.9 for WordPress is affected by two issues described in the CVE-2020-37245 entry: a path traversal vulnerability in the Folder input field that can expose files outside the web root, and stored cross-site scripting caused by failure to sanitize inputs in publicat...

8.7CVSS5.7AI score0.00158EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/16 3:26 p.m.5 views

CVE-2020-37245 WordPress Plugin Supsystic Digital Publications 1.6.9 Path Traversal XSS

Supsystic Digital Publications 1.6.9 contains a path traversal vulnerability in the Folder input field that allows attackers to access files outside the web root by injecting directory traversal sequences. Additionally, the plugin fails to sanitize input fields in publication settings, allowing...

8.7CVSS5.7AI score0.00158EPSS
Exploits0References4
Veracode
Veracodeadded 2026/05/16 5:28 a.m.5 views

Path Traversal

lakeFS is vulnerable to Path Traversal. The vulnerability is due to insufficient path validation in verifyRelPath within pkg/block/local/adapter.go, where strings.HasPrefix is used to validate storage paths without enforcing path boundaries. This allows authenticated users to use path traversal...

8.1CVSS5.8AI score0.00067EPSS
Exploits0References3Affected Software1
Veracode
Veracodeadded 2026/05/16 5:18 a.m.10 views

Sandbox Bypass

OpenClaude is vulnerable to Improper Access Control. The vulnerability is due to a logic flaw in bashToolHasPermission within src/tools/BashTool/bashPermissions.ts, where the sandbox auto-allow path returns success before checkPathConstraints is evaluated, allowing attackers to use path traversal...

8.4CVSS5.8AI score0.00011EPSS
Exploits2References2Affected Software1
Positive Technologies
Positive Technologiesadded 2026/05/16 12:0 a.m.7 views

PT-2026-41445

Supsystic Digital Publications 1.6.9 contains a path traversal vulnerability in the Folder input field that allows attackers to access files outside the web root by injecting directory traversal sequences. Additionally, the plugin fails to sanitize input fields in publication settings, allowing...

8.7CVSS5.7AI score0.00158EPSS
Exploits0References5
CNNVD
CNNVDadded 2026/05/16 12:0 a.m.7 views

WordPress plugin Supsystic Digital Publications 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.7CVSS5.6AI score0.00158EPSS
Exploits0References2
CNNVD
CNNVDadded 2026/05/16 12:0 a.m.4 views

WordPress plugin Anti-Malware Security and Bruteforce Firewall 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.7CVSS5.9AI score0.00561EPSS
Exploits0References1
Rows per page
Query Builder