Lucene search

14 matches found

ATTACKERKB
added 2026/05/26 4:45 p.m., 5 views

CVE-2026-48896

Insufficient state checks lead to a vector that allows bypassing 2FA checks...

CVSS 8.2, AI score 5.8, EPSS 0.00001
Exploits: 0, References: 2, Affected Software: 1
Positive Technologies
added 2026/02/17 12:0 a.m., 2 views

PT-2026-23548

Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.2 Description: The software contains an authorization bypass issue where clients with operator.write scope can approve or deny exec approval requests by sending the /approve chat command. The /approve command...

CVSS 8.1, AI score 5.8, EPSS 0.00054
Exploits: 0, References: 14
CNNVD
added 2026/02/09 12:0 a.m., 4 views

File Browser Security Vulnerability

File Browser is an open-source file management interface developed by File Browser. It allows for the uploading, deletion, previewing, and editing of files within a specified directory. Versions of File Browser prior to 2.57.1 contained security vulnerabilities. These vulnerabilities stemmed from...

CVSS 8.1, AI score 5.8, EPSS 0.00016
Exploits: 2, References: 5
CNNVD
added 2025/11/18 12:0 a.m., 1 views

Drupal Email TFA Security Vulnerability

Drupal Email TFA is a Drupal community module that provides email-based two-factor authentication functionality for Drupal. A security vulnerability exists in Drupal Email TFA versions prior to 2.0.6 that stems from bypassing authentication using an alternate path or channel, which could lead to...

CVSS 5.4, AI score 6.6, EPSS 0.00046
Exploits: 0, References: 2
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2021-28594

Malicious code in bioql PyPI...

CVSS 7.8, AI score 7.7, EPSS 0.01076
Exploits: 1, References: 1
Tenable Nessus
added 2025/08/24 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2017-7418

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks...

CVSS 5.5, AI score 6, EPSS 0.00039
Exploits: 0, References: 2
Vulnrichment
added 2025/05/07 5:18 p.m., 14 views

CVE-2025-32819

A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings...

AI score 8.5, EPSS 0.00863
Exploits: 1, References: 1
OSV
added 2024/07/23 4:55 p.m., 5 views

USN-6530-2 haproxy vulnerability

Seth Manesse and Paul Plasil discovered that HAProxy incorrectly handled URI components containing the hash character (#). A remote attacker could possibly use this issue to obtain sensitive information, or to bypass certain path_end rules...

CVSS 8.2, AI score 5.8, EPSS 0.00027
Exploits: 0, References: 2
Positive Technologies
added 2024/02/28 12:0 a.m., 2 views

PT-2024-2299 · Apache · Apache Ofbiz

Name of the Vulnerable Software and Affected Versions: Apache OFBiz versions prior to 18.12.12 Description: The issue is related to a possible path traversal in Apache OFBiz, allowing authentication bypass. This can be exploited by a remote attacker to bypass the authentication process...

CVSS 9.4, AI score 6.5, EPSS 0.00808
Exploits: 0, References: 25
OSV
added 2024/01/30 4:15 p.m., 4 views

CVE-2024-1019

ModSecurity / libModSecurity 3.0.0 to 3.0.11 is affected by a WAF bypass for path-based payloads submitted via specially crafted request URLs. ModSecurity v3 decodes percent-encoded characters present in request URLs before it separates the URL path component from the optional query string...

CVSS 8.6, AI score 8.5, EPSS 0.00306
Exploits: 0, References: 3
SUSE CVE
added 2023/02/15 6:18 a.m., 3 views

SUSE CVE-2005-0710

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function...

CVSS 4.6, AI score 7.3, EPSS 0.04583
Exploits: 1, References: 4
BDU FSTEC
added 2022/12/14 12:0 a.m., 2 views

The vulnerability of the AVEVA Edge SCADA system, related to bypassing the path when using the UNC resource for Windows, allows an intruder to gain unauthorized access to protected information.

The vulnerability of the AVEVA Edge SCADA system relates to bypassing the path when using the UNC path for general Windows resources “\UNC\share\name”. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information by sending a specially crafted HTT...

CVSS 8.6, AI score 7.2, EPSS 0.00216
Exploits: 0, References: 4
BDU FSTEC
added 2022/06/06 12:0 a.m., 2 views

The vulnerability of the conf_id parameter in the TrueConf Server software lies in the possibility of bypassing the path in the script /client/upsld/v1. This allows a perpetrator to execute arbitrary code by writing a specially crafted php file into a folder accessible through the web interface.

The vulnerability of the conf_id parameter in the TrueConf Server software relates to the possibility of bypassing the path in the script /client/upsld/v1. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by writing a specially crafted php file to a folder accessibl...

CVSS 10, AI score 6
Exploits: 0, References: 1, Affected Software: 1
OpenVAS
added 2016/07/25 12:0 a.m., 35 views

Micro Focus (Novell) Filr 1.2 <= 1.2.0.846 / 2 <= 2.0.0.421 Multiple Vulnerabilities

Micro Focus Novell Filr is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:microfocus:filr"; i...

CVSS 9, AI score 6.6, EPSS 0.20779
Exploits: 4, References: 1