CVE-2026-6218 aandrew-me ytDownloader Error Details Panel createTextNode cross site scripting

A vulnerability was found in aandrew-me ytDownloader up to 3.20.2. Affected by this issue is the function createTextNode of the component Error Details Panel. The manipulation results in cross site scripting. The attack may be performed from remote. The vendor was contacted early about this...

PepRaR

PepRaR Laborator...

Exploit for Path Traversal in Rarlab Winrar

!Window...

About Remote Code Execution – WinRAR (CVE-2025-6218, CVE-2025-8088) vulnerabilities

About Remote Code Execution - WinRAR CVE-2025-6218, CVE-2025-8088 vulnerabilities. A crafted file path inside an archive may cause the extraction process to move into unintended directories including the Startup directories , which can result in archive extraction leading to the execution of...

VulnCheck KEV: CVE-2025-6218

RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open...

RARLAB WinRAR < 7.12 Beta 1 Directory Traversal Remote Code Execution (CVE-2025-6218)

The remote host is running RARLAB WinRAR, an archive manager for Windows, whose reported version is prior to 7.12 Beta 1. It is, therefore, affected by a vulnerability: - RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute...

Exploit for Path Traversal in Rarlab Winrar

CVE-2025-6218 Proof of Concept POC Overview This reposit...

Exploit for Path Traversal in Rarlab Winrar

CVE-2025-6218 | ZDI-CAN-27198 | ZDI-25-409 - WinRAR Path Trave...

Exploit for Path Traversal in Rarlab Winrar

🧪 CVE-2025-6218: Path Traversal en WinRAR 📌 Descripción E...

CVE-2025-6218 RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability

RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open...

CVE-2025-6218 RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability

RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open...

CVE-2025-6218

creationtimestamp| type| source ---|---|--- 2025-06-19 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-409/ 2025-06-21 00:45:18+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19094 2025-06-21 01:06:35+00:00| published-proof-of-concept|...

CVE-2023-6218

In Progress MOVEit Transfer versions released before 2022.0.9 14.0.9, 2022.1.10 14.1.10, 2023.0.7 15.0.7, a privilege escalation path associated with group administrators has been identified. It is possible for a group administrator to elevate a group members permissions to the role of an...

CVE-2020-6218

Admin tools and Query Builder in SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, allows an attacker to access information that should otherwise be restricted, leading to Information Disclosure...

CVE-2024-6218

creationtimestamp| type| source ---|---|--- 2024-06-21 04:50:04+00:00| published-proof-of-concept| https://t.me/darkcommunityofficial/1040...

CVE-2024-6218 itsourcecode Vehicle Management System busprofile.php sql injection

A vulnerability, which was classified as critical, has been found in itsourcecode Vehicle Management System 1.0. Affected by this issue is some unknown functionality of the file busprofile.php. The manipulation of the argument busid leads to sql injection. The attack may be launched remotely. The...

CVE-2024-6218 itsourcecode Vehicle Management System busprofile.php sql injection

A vulnerability, which was classified as critical, has been found in itsourcecode Vehicle Management System 1.0. Affected by this issue is some unknown functionality of the file busprofile.php. The manipulation of the argument busid leads to sql injection. The attack may be launched remotely. The...

CVE-2023-6218

creationtimestamp| type| source ---|---|--- 2023-12-20 11:12:33+00:00| seen| https://t.me/ctinow/156874...

Progress MOVEit Transfer < 2022.0.9 / 2022.1 < 2022.1.10 / 2023.0 < 2023.0.7 / 2023.1.1 Multiple Vulnerabilities (November 2023)

The version of Progress MOVEit Transfer, formerly Ipswitch MOVEit DMZ, installed on the remote host is prior to 2022.0.9, 2022.1 prior to 2022.1.10, 2023.0 prior to 2023.0.7 or 2023.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in Progress Community article 000246898. ...

CVE-2023-6218 MOVEit Transfer Group Admin Privilege Escalation

In Progress MOVEit Transfer versions released before 2022.0.9 14.0.9, 2022.1.10 14.1.10, 2023.0.7 15.0.7, a privilege escalation path associated with group administrators has been identified. It is possible for a group administrator to elevate a group members permissions to the role of an...