
44496 matches found

Patchstack
added 2026/05/15 10:15 a.m. | 12 views

WordPress Quick Playground plugin <= 1.3.3 - Unauthenticated Path Traversal to Arbitrary File Read vulnerability

Unauthenticated Path Traversal to Arbitrary File Read vulnerability discovered by ? in WordPress Plugin Quick Playground versions <= 1.3.3...

CVSS 7.5 | AI score 5.8 | EPSS 0.00811
Exploits: 0 | References: 1 | Affected Software: 1
Vulnrichment
added 2026/05/15 7:46 a.m. | 7 views

CVE-2026-6403 Quick Playground <= 1.3.3 - Unauthenticated Path Traversal to Arbitrary File Read via 'stylesheet' Parameter

The Quick Playground plugin for WordPress is vulnerable to Path Traversal in versions up to and including 1.3.3. This is due to insufficient path validation in the qckply_zip_theme function, which appends a user-controlled 'stylesheet' parameter directly to the theme root directory path without...

CVSS 7.5 | AI score 5.9 | EPSS 0.00811
Exploits: 0 | References: 11
CVE
added 2026/05/15 7:46 a.m. | 13 views

CVE-2026-6403

The Quick Playground plugin for WordPress (up to version 1.3.3) is vulnerable to a Path Traversal flaw. The root cause is insufficient validation in the qckply_zip_theme() function, which directly appends a user-controlled 'stylesheet' parameter to the theme root directory path without sanitizing...

CVSS 7.5 | AI score 5.9 | EPSS 0.00811
Exploits: 0 | References: 11
RedhatCVE
added 2026/05/15 1:57 a.m. | 7 views

CVE-2026-37430

An arbitrary file upload vulnerability in the ShopOrderImportController.java component of qihang-wms commit 75c15a allows attackers to execute arbitrary code via uploading a crafted file...

CVSS 7.3 | AI score 6.2 | EPSS 0.00284
Exploits: 0 | References: 1
Positive Technologies
added 2026/05/15 12:0 a.m. | 16 views

PT-2026-41386

Name of the Vulnerable Software and Affected Versions: Joplin versions prior to 3.5.7. Description: A path traversal issue exists in the OneNote importer. The OneNote converter fails to sanitize the names of embedded files before writing them to disk. An attacker can create a malicious .one file...

CVSS 8.2 | AI score 6.3 | EPSS 0.00206
Exploits: 0 | References: 10
Tenable Nessus
added 2026/05/15 12:0 a.m. | 13 views

Adobe Substance 3D Designer <= 15.1.0 Multiple Vulnerabilities (APSB26-52)

The version of Adobe Substance 3D Designer installed on the remote host is prior or equal to 15.1.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-52 advisory. - Substance3D - Designer versions 15.1.0 and earlier are affected by a Server-Side Request Forgery...

CVSS 7.8 | AI score 6.4 | EPSS 0.00177
Exploits: 0 | References: 6
CNNVD
added 2026/05/15 12:0 a.m. | 10 views

APM – Agent Package Manager Path Traversal Vulnerability

APM – Agent Package Manager is an AI-based dependency management tool open sourced by Microsoft. Versions of APM prior to 0.13.0 contained a path traversal vulnerability. This vulnerability stemmed from a Windows-specific archive extraction boundary failure. When using apm install with Python 3.1...

CVSS 5.5 | AI score 5.9 | EPSS 0.0061
Exploits: 0 | References: 1
Snyk
added 2026/05/14 9:23 p.m. | 5 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the export process. An attacker can write files to arbitrary locations on the filesystem by uploading an asset with a crafted filename containing directory traversal sequences and then triggering an administrator...

CVSS 8.6 | AI score 6.3 | EPSS 0.00495
Exploits: 0 | References: 2
RedhatCVE
added 2026/05/14 7:58 p.m. | 10 views

CVE-2026-31156

A path injection vulnerability exists in OpenPLC v3 2c82b0e79c53f8c1f1458eee15fec173400d6e1a as the binary program compiled from gluegenerator.cpp does not perform any validation on the file path parameters passed via the command line. The user-controlled input parameters are directly passed to t...

CVSS 6.5 | AI score 5.9 | EPSS 0.00409
Exploits: 2 | References: 1
CVE
added 2026/05/14 6:44 p.m. | 25 views

CVE-2026-44522

Vulnerability summary (CVE-2026-44522) Note Mark up to 0.19.3 allows authenticated users to upload assets with a crafted X-Name header containing directory traversal. The asset name is stored in the database without validation, and is later passed directly to filepath.Join()/path.Join() during ex...

CVSS 8.6 | AI score 6 | EPSS 0.00495
Exploits: 0 | References: 1
Snyk
added 2026/05/14 6:25 p.m. | 9 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal due to insufficient path sanitization in the osfs.ChrootOS component. An attacker can gain unauthorized access to unintended filesystem locations by supplying crafted paths containing directory traversal sequences...

CVSS 8.6 | AI score 6.3 | EPSS 0.0031
Exploits: 0 | References: 2
Veracode
added 2026/05/14 6:14 p.m. | 16 views

Arbitrary File Read And Write

Incus is vulnerable to arbitrary file read and write. The vulnerability is due to improper enforcement of the pongo2 chroot isolation mechanism in instance template files, which allows an attacker to bypass filesystem restrictions and perform arbitrary file read/write operations on the host syste...

CVSS 9.9 | AI score 5.9 | EPSS 0.00481
Exploits: 0 | References: 3 | Affected Software: 1
Veracode
added 2026/05/14 5:10 p.m. | 15 views

Directory Traversal

github.com/gtsteffaniak/filebrowser is vulnerable to Directory Traversal. The vulnerability is due to improper sanitization of attacker-controlled path input before path validation, which allows an attacker to use traversal sequences to delete arbitrary files outside the intended shared directory...

CVSS 9.1 | AI score 5.9 | EPSS 0.00523
Exploits: 1 | References: 3 | Affected Software: 1
RedHat Linux
added 2026/05/14 4:55 p.m. | 18 views

Apache Camel: org.apache.camel: Apache Camel: Remote Code Execution and Arbitrary File Write via case-variant header injection

A flaw was found in Apache Camel. A remote attacker with Java Message Service (JMS) producer access could exploit a vulnerability in how certain header filter strategies process case-variant internal headers. This discrepancy, where filtering is case-sensitive but header processing is not, allows f...

CVSS 9.9 | AI score 6.4 | EPSS 0.0086
Exploits: 0 | References: 5
Veracode
added 2026/05/14 4:43 p.m. | 27 views

Directory Traversal

org.springframework.cloud, spring-cloud-config-server is vulnerable to a Directory Traversal. The vulnerability is due to improper validation of specially crafted URL paths in the spring-cloud-config-server module, which allows an attacker to perform a directory traversal attack and access...

CVSS 9.1 | AI score 5.9 | EPSS 0.00727
Exploits: 0 | References: 7 | Affected Software: 1
OSV
added 2026/05/14 4:23 p.m. | 5 views

GHSA-RPGQ-M5FP-32WR Portainer Has an Arbitrary File Read via Git Symlink Injection in Stack Auto-Update

Summary Portainer supports deploying stacks from Git repositories. When a Git-backed stack is created or updated, Portainer clones the repository using go-git v5, which translates Git blob entries with mode 0o120000 (symlink) into real OS symlinks on the host filesystem via os.Symlink. The only ent...

CVSS 9.9 | AI score 5.9 | EPSS 0.00416
Exploits: 2 | References: 6
Snyk
added 2026/05/14 4:23 p.m. | 11 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal in the ExtractTarGz process. An attacker can write arbitrary files to locations outside the intended extraction directory by submitting a crafted .tar.gz archive containing directory traversal sequences. This is only...

CVSS 7 | AI score 6.3 | EPSS 0.00606
Exploits: 1 | References: 2
OSV
added 2026/05/14 4:23 p.m. | 5 views

GHSA-M8FG-67J7-CX4V Portainer has a path traversal in backup archive extraction that allows arbitrary file write

Summary Portainer's backup restore feature accepts a .tar.gz archive and extracts it to a target directory on the server. The extraction function ExtractTarGz in api/archive/targz.go constructed output paths using filepath.Clean(filepath.Join(outputDirPath, header.Name)). This combination does not...

CVSS 5.5 | AI score 5.9 | EPSS 0.00606
Exploits: 1 | References: 6
Github Security Blog
added 2026/05/14 4:23 p.m. | 9 views

Portainer has a path traversal in backup archive extraction that allows arbitrary file write

Summary Portainer's backup restore feature accepts a .tar.gz archive and extracts it to a target directory on the server. The extraction function ExtractTarGz in api/archive/targz.go constructed output paths using filepath.Clean(filepath.Join(outputDirPath, header.Name)). This combination does not...

CVSS 5.5 | AI score 5.9 | EPSS 0.00606
Exploits: 1 | References: 6 | Affected Software: 1
Patchstack
added 2026/05/14 4:17 p.m. | 7 views

NPM: n8n Has an Arbitrary File Read via Git Node

NPM: n8n Has an Arbitrary File Read via Git Node vulnerability discovered by ? in WordPress Npm n8n versions 1.123.43...

AI score 6 | EPSS 0.00632
Exploits: 0 | References: 2 | Affected Software: 1