PT-2025-34343 · Uniong · Webitr

Name of the Vulnerable Software and Affected Versions: WebITR versions affected versions not specified Description: WebITR developed by Uniong is susceptible to an arbitrary file reading issue. This allows remote attackers with regular privileges to exploit an Absolute Path Traversal flaw to...

WebITR 安全漏洞

WebITR is a poor attendance system from WebITR Corporation of Taiwan, China. A security vulnerability exists in WebITR that stems from vulnerability to absolute path traversal attacks, which could lead to a remote attacker downloading arbitrary system files...

Uniong WebITR 安全漏洞

Uniong WebITR is an online time and attendance system from China Kaifa Uniong. A security vulnerability exists in Uniong WebITR that stems from vulnerability to absolute path traversal attacks, which could lead to a remote attacker downloading arbitrary system files...

PT-2025-34491 · Tableau · Tableau Server

Name of the Vulnerable Software and Affected Versions: Tableau Server versions prior to 2025.1.3 Tableau Server versions prior to 2024.2.12 Tableau Server versions prior to 2023.3.19 Description: Tableau Server is susceptible to an unrestricted file upload issue within the Flow Editor modules,...

CVE-2025-54118

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Sensitive information disclosure in NamelessMC before 2.2.4 allows unauthenticated remote attacker to gain sensitive information such as absolute path of the source code via list parameter. This vulnerability is...

CVE-2025-54118

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Sensitive information disclosure in NamelessMC before 2.2.4 allows unauthenticated remote attacker to gain sensitive information such as absolute path of the source code via list parameter. This vulnerability is...

CVE-2025-54118

CVE-2025-54118 affects NamelessMC before version 2.2.4, where an unauthenticated attacker can disclose sensitive information (e.g., absolute path of the source code) via the list parameter in the member list component. The issue was fixed in 2.2.4. The provided connected sources confirm the vulne...

CVE-2025-54118 NamelessMC allows sensitive information disclosure in member list component

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Sensitive information disclosure in NamelessMC before 2.2.4 allows unauthenticated remote attacker to gain sensitive information such as absolute path of the source code via list parameter. This vulnerability is...

CVE-2025-54118 NamelessMC allows sensitive information disclosure in member list component

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Sensitive information disclosure in NamelessMC before 2.2.4 allows unauthenticated remote attacker to gain sensitive information such as absolute path of the source code via list parameter. This vulnerability is...

PT-2025-33665 · Unknown · Namelessmc

Name of the Vulnerable Software and Affected Versions: NamelessMC versions prior to 2.2.4 Description: NamelessMC is a website software for Minecraft servers. A sensitive information disclosure issue exists in versions prior to 2.2.4, allowing an unauthenticated remote attacker to gain sensitive...

Linux Distros Unpatched Vulnerability : CVE-2023-40590

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after...

CVE-2025-8909

Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...

CVE-2025-8912

Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files...

CVE-2025-8912

CVE-2025-8912 affects WellChoose Organization Portal System with an Arbitrary File Reading vulnerability via Absolute Path Traversal. Public data describes an unauthenticated remote attacker being able to download arbitrary system files. The CVE metrics indicate NETWORK access, low attack complex...

CVE-2025-8912 WellChoose｜Organization Portal System - Arbitrary File Reading through Path Traversal

Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files...

CVE-2025-8909 WellChoose｜Organization Portal System - Arbitrary File Reading through Path Traversal

Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...

PT-2025-32972 · Wellchoose · Organization Portal System

Name of the Vulnerable Software and Affected Versions: Organization Portal System affected versions not specified Description: The Organization Portal System developed by WellChoose contains an arbitrary file reading flaw. This allows remote attackers with regular privileges to exploit Absolute...

Linux Distros Unpatched Vulnerability : CVE-2023-5115

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim...

Absolute path traversal in zip:unzip/1,2

...

CVE-2025-53079

Absolute Path Traversal in Samsung DMSData Management Server allows authenticated attacker Administrator to read sensitive files...