Lucene search
K

8 matches found

NVD
NVD
added 2026/06/15 2:16 p.m.12 views

CVE-2016-20081

WordPress Plugin HB Audio Gallery Lite 1.0.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary files by manipulating the filepath parameter. Attackers can send requests to the audio-download.php endpoint with directory traversal sequences to acces...

8.7CVSS0.00641EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/15 12:0 p.m.8 views

EUVD-2016-10893

WordPress Plugin HB Audio Gallery Lite 1.0.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary files by manipulating the filepath parameter. Attackers can send requests to the audio-download.php endpoint with directory traversal sequences to acces...

8.7CVSS5.4AI score0.00641EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/15 12:0 p.m.7 views

CVE-2016-20081 WordPress Plugin HB Audio Gallery Lite 1.0.0 Path Traversal File Download

WordPress Plugin HB Audio Gallery Lite 1.0.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary files by manipulating the filepath parameter. Attackers can send requests to the audio-download.php endpoint with directory traversal sequences to acces...

8.7CVSS5.4AI score0.00641EPSS
Exploits0References3
CVE
CVE
added 2026/06/15 12:0 p.m.14 views

CVE-2016-20081

HB Audio Gallery Lite 1.0.0 (WordPress) has a path traversal in audio-download.php via the file_path parameter that allows unauthenticated access to arbitrary files outside the gallery directory (e.g., wp-config.php). Root cause: inadequate validation of the file_path input. The connected documen...

8.7CVSS5.5AI score0.00641EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in mp3-do-wnload-file-to-day-60280-lay-down-and-love-it-live-yfkc2-lppmhd (npm)

The package mp3-do-wnload-file-to-day-60280-lay-down-and-love-it-live-yfkc2-lppmhd was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-26789 Malicious code in mp3-do-wnload-file-to-day-13796-flick-the-vs-isfeh-rasowi (npm)

The package mp3-do-wnload-file-to-day-13796-flick-the-vs-isfeh-rasowi was found to contain malicious code...

7.2AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/13 8:12 a.m.12 views

Beers with Talos, Ep. #114: And then there were two...

Beers with Talos BWT Podcast episode No. 114 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts Google Podcasts Spotify StitcherRecorded Dec. 9, 2021. If iTunes and Google Play aren't your thing, click here. We joked... This is only the beginning! Please vis...

2.6AI score
Exploits0
CNVD
CNVD
added 2021/07/02 12:0 a.m.16 views

Command Execution Vulnerability in Xiaodu Route AV Version

Xiaodu Router is a smart router product launched by Baidu, which can transmit cloud data at will and support remote download of audio and video resources. Xiaodu Router AV version has a command execution vulnerability, which can be exploited by attackers to obtain server control privileges...

7.4AI score
Exploits0
Rows per page
Query Builder