Lucene search
K

9 matches found

EUVD
EUVD
added 2025/12/18 12:34 a.m.4 views

EUVD-2023-60223

Bludit versions before 3.13.1 contain an authenticated file download vulnerability in the Backup Plugin that allows logged-in users to access arbitrary files. Attackers can exploit the plugin's download functionality by manipulating file path parameters to read sensitive system files through...

7.1CVSS6.2AI score0.00683EPSS
Exploits1References4
NVD
NVD
added 2025/12/17 11:15 p.m.5 views

CVE-2023-53907

Bludit versions before 3.13.1 contain an authenticated file download vulnerability in the Backup Plugin that allows logged-in users to access arbitrary files. Attackers can exploit the plugin's download functionality by manipulating file path parameters to read sensitive system files through...

7.1CVSS0.00683EPSS
Exploits1References3
OSV
OSV
added 2025/12/17 10:44 p.m.5 views

CVE-2023-53907 Bludit 3.13.1 Authenticated Arbitrary File Download via Backup Plugin

Bludit versions before 3.13.1 contain an authenticated file download vulnerability in the Backup Plugin that allows logged-in users to access arbitrary files. Attackers can exploit the plugin's download functionality by manipulating file path parameters to read sensitive system files through...

7.1CVSS6AI score0.00683EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-21373

Malicious code in bioql PyPI...

5.5CVSS6.6AI score0.00189EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-48621

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00688EPSS
Exploits0References2
NVD
NVD
added 2024/08/28 5:15 p.m.36 views

CVE-2024-7744

In WSFTP Server versions before 8.8.8 2022.0.8, an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in the Web Transfer Module allows File Discovery, Probe System Files, User-Controlled Filename, Path Traversal. An authenticated file download flaw has...

6.5CVSS0.00688EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/28 4:30 p.m.18 views

CVE-2024-7744 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Progress WS_FTP Server

In WSFTP Server versions before 8.8.8 2022.0.8, an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in the Web Transfer Module allows File Discovery, Probe System Files, User-Controlled Filename, Path Traversal. An authenticated file download flaw has...

6.5CVSS6.7AI score0.00688EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/01/28 7:9 p.m.11 views

CVE-2021-31567 WordPress Download Monitor plugin <= 4.4.6 - Authenticated Arbitrary File Download vulnerability

Authenticated admin+ Arbitrary File Download vulnerability discovered in Download Monitor WordPress plugin versions = 4.4.6. The plugin allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the &downloadablefileurls0 parameter data. It's also...

6.8CVSS6.6AI score0.01391EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2019/08/06 12:0 a.m.49 views

OpenEMR < 5.0.2 Multiple Vulnerabilities

OpenEMR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:open-emr:openemr"; ifdescription...

9.8CVSS6.8AI score0.66891EPSS
Exploits19References4
Rows per page
Query Builder