CVE-2025-13261

A vulnerability was found in lsfusion platform up to 6.1. Affected is the function DownloadFileRequestHandler of the file web-client/src/main/java/lsfusion/http/controller/file/DownloadFileRequestHandler.java. Performing manipulation of the argument Version results in path traversal. Remote...

lsFusion 路径遍历漏洞

lsFusion is an information system development platform based on a declarative open source language from lsfusion Open Source. A path traversal vulnerability exists in lsfusion 6.1 and earlier versions, which stems from an incorrect operation of the parameter Version in the file...

PT-2025-47109

Name of the Vulnerable Software and Affected Versions lsfusion platform versions prior to 6.1 Description A flaw exists in the lsfusion platform that allows for path traversal. This issue affects the DownloadFileRequestHandler function located in the file...

The vulnerability of the Download File Handler component in the Google Chrome browser allows a hacker to execute arbitrary code.

The vulnerability of the Download File Handler component in Google Chrome exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the specially crafted Chrome Extension...

CVE-2018-1433

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1 web handler /DownloadFile does not require authentication to read arbitrary files from the system. IBM...