935 matches found
PT-2026-30905
Name of the Vulnerable Software and Affected Versions: File Browser versions prior to 2.63.1 Description: File Browser is a file managing interface. Prior to version 2.63.1, when an administrator revokes a user's Share and Download permissions, existing share links created by that user remain...
CVE-2026-34524
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in chat endpoints allows an authenticated attacker to read...
WordPress plugin Perfmatters 路径遍历漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2026-34524 SillyTavern: Path traversal in `/api/chats/export` and `/api/chats/delete` allows arbitrary file read/delete within user data root
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in chat endpoints allows an authenticated attacker to read...
Endian Firewall 路径遍历漏洞
Endian Firewall is a network security firewall system developed by Endian Corporation. Versions of Endian Firewall 3.3.25 and earlier contained a path traversal vulnerability. This vulnerability stemmed from the lack of cleaning of the directory traversal sequences for the remove ARCHIVE paramete...
GHSA-VPRR-Q85P-79MF SillyTavern: Path Traversal in `/api/chats/export` and `/api/chats/delete` allows arbitrary file read/delete within user data root
Summary A Path Traversal vulnerability in chat endpoints allows an authenticated attacker to read and delete arbitrary files under their user data root for example secrets.json and settings.json by supplying avatarurl="..". Details The input validator used by avatarurl blocks only / and NUL bytes...
PT-2026-29662
Summary A Path Traversal vulnerability in chat endpoints allows an authenticated attacker to read and delete arbitrary files under their user data root for example secrets.json and settings.json by supplying avatar url="..". Details The input validator used by avatar url blocks only / and NUL...
CVE-2026-29070 Open WebUI has unauthorized deletion of knowledge files
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an access control check is missing when deleting a file from a knowledge base. The only check being done is that the user has write access to the knowledge base or is admin,...
CVE-2026-28816
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to delete files for which it does not have permission...
CVE-2026-25689
An improper neutralization of argument delimiters in a command 'argument injection' vulnerability in Fortinet FortiDeceptor 6.2.0, FortiDeceptor 6.0 all versions, FortiDeceptor 5.3 all versions, FortiDeceptor 5.2 all versions, FortiDeceptor 5.1 all versions, FortiDeceptor 5.0 all versions,...
CVE-2026-28792
Tina is a headless content management system. Prior to 2.1.8 , the TinaCMS CLI dev server combines a permissive CORS configuration Access-Control-Allow-Origin: with the path traversal vulnerability previously reported to enable a browser-based drive-by attack. A remote attacker can enumerate the...
WordPress plugin WP Job Portal 路径遍历漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key through the ReadOne process. An attacker can gain unauthorized access to and delete files belonging to other users by supplying their own accessible task ID along with a target attachment...
EUVD-2026-15077
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to delete files for which it does not have permission...
CVE-2026-28816
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to delete files for which it does not have permission...
CVE-2026-28823
CVE-2026-28823: A path handling issue in macOS Tahoe 26.4 (Admin Framework) with inadequate validation could enable a root-privileged app to delete protected system files. The vulnerability is fixed in macOS Tahoe 26.4; ongoing risk remains if unpatched systems exist. The CVE entry notes a protec...
CVE-2026-28816
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to delete files for which it does not have permission...
CVE-2026-33493
CVE-2026-33493 affects WWBN AVideo (versions up to and including 26.0). The vulnerability is rooted in objects/import.json.php, which only validates fileURI ends with .mp4 and imposes no directory restriction. An authenticated user with upload permission can abuse this to: (1) import another user...
WordPress plugin Invelity Product Feeds 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
CVE-2026-32262 Craft CMS has a Path Traversal Vulnerability in AssetsController
Craft CMS is a content management system CMS. From version 4.0.0-RC1 to before version 4.17.5 and from version 5.0.0-RC1 to before version 5.9.11, the AssetsController-replaceFile method has a targetFilename body parameter that is used unsanitized in a deleteFile call before...