
203 matches found

OSV
added 2025/03/20 10:15 a.m. · 1 view

CVE-2024-8501

An arbitrary file download vulnerability exists in the rpcagentclient component of modelscope/agentscope version v0.0.4. This vulnerability allows any user to download any file from the rpcagent's host by exploiting the downloadfile method. This can lead to unauthorized access to sensitive...

8.8 CVSS · 5.9 AI score
Exploits 0 · References 1

CNNVD
added 2025/03/20 12:0 a.m. · 3 views

AgentScope security vulnerability

AgentScope is a ModelScope open source application. Build LLM-based multi-intelligence applications more simply. A security vulnerability exists in AgentScope version v0.0.4, which stems from the rpcagentclient component that allows arbitrary file downloads, an attacker can utilize the downloadfi...

8.8 CVSS · 7.4 AI score · 0.00858 EPSS
Exploits 1 · References 1

CNNVD
added 2025/02/12 12:0 a.m. · 2 views

carRental security vulnerability

carRental is a car rental software from carRental, Inc. A security vulnerability exists in carRental version v.1.0, which stems from a path traversal vulnerability in file/downloadFile.action?path=location...

7.5 CVSS · 6.5 AI score · 0.00948 EPSS
Exploits 0 · References 1

Positive Technologies
added 2025/02/04 12:0 a.m. · 4 views

PT-2025-2208 · Social · Socialv

Name of the Vulnerable Software and Affected Versions: SocialV - Social Network and Community BuddyPress Theme versions up to, and including, 2.0.15
Description: The issue is related to unauthorized access of data due to a missing capability check on the socialv send download file function. This...

6.5 CVSS · 9.4 AI score · 0.00358 EPSS
Exploits 0 · References 7

Patchstack
added 2025/01/30 7:31 a.m. · 2 views

WordPress WooCommerce Wishlist plugin <= 1.8.7 - Unauthenticated IDOR via download_pdf_file Function vulnerability

Unauthenticated IDOR via download_pdf_file Function vulnerability discovered by Tim Coen in WordPress Plugin MC Woocommerce Wishlist versions <= 1.8.7...

7.5 CVSS · 7 AI score · 0.00547 EPSS
Exploits 0 · References 1 · Affected Software 1

Positive Technologies
added 2024/12/09 12:0 a.m. · 3 views

PT-2024-10236 · Totolink · Totolink A810R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A810R version 4.1.2cu.5032 B20200407
Description: A command insertion vulnerability was discovered in the downloadFile.cgi main function. This issue allows an attacker to execute arbitrary commands by sending a specially crafted HTTP...

10 CVSS · 8 AI score · 0.00542 EPSS
Exploits 1 · References 5

OSV
added 2024/11/21 6:15 p.m. · 3 views

CVE-2024-53335

TOTOLINK A810R V4.1.2cu.5182B20201026 is vulnerable to Buffer Overflow in downloadFlile.cgi...

7.8 CVSS · 5.8 AI score
Exploits 0 · References 1

CNNVD
added 2024/11/18 12:0 a.m. · 2 views

NUS-M9 security vulnerability

NUS-M9 is an ERP system from China Zhelin NUS Company. A security vulnerability exists in NUS-M9 v3.0.0, which originates from the presence of an arbitrary file download in the component /Basics/DownloadInpFile, which allows an attacker to request the download of an arbitrary file and gain access...

7.5 CVSS · 6.7 AI score · 0.00421 EPSS
Exploits 0 · References 2

OSV
added 2024/11/15 8:15 p.m. · 3 views

CVE-2024-44759

An arbitrary file download vulnerability in the component /Doc/DownloadFile of NUS-M9 ERP Management Software v3.0.0 allows attackers to download arbitrary files and access sensitive information via a crafted interface request...

7.5 CVSS · 5.8 AI score · 0.00421 EPSS
Exploits 0 · References 2

CNNVD
added 2024/10/14 12:0 a.m. · 3 views

Automatic Systems SlimLane security vulnerability

Automatic Systems SlimLane is a high-performance electronic inspection system based on a high-density infrared beam matrix from Automatic Systems. A security vulnerability exists in Automatic Systems SlimLane that stems from an information disclosure issue contained in the Racine and FileName...

7.5 CVSS · 6.3 AI score · 0.00463 EPSS
Exploits 0 · References 2

Positive Technologies
added 2024/10/14 12:0 a.m. · 3 views

PT-2024-33242 · Automatic Systems Maintenance · Slimlane

Name of the Vulnerable Software and Affected Versions: Automatic Systems Maintenance SlimLane affected versions not specified
Description: An issue in Automatic Systems Maintenance SlimLane allows a remote attacker to obtain sensitive information via the Racine and FileName parameters in the...

7.5 CVSS · 6.7 AI score · 0.00463 EPSS
Exploits 0 · References 8

Tenable Nessus
added 2024/10/09 12:0 a.m. · 16 views

CentOS 7 : firefox (RHSA-2020:4080)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4080 advisory.
- In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds...

9.3 CVSS · 8.1 AI score · 0.01938 EPSS
Exploits 0 · References 13

NVD
added 2024/10/08 4:15 a.m. · 20 views

CVE-2024-37179

SAP BusinessObjects Business Intelligence Platform allows an authenticated user to send a specially crafted request to the Web Intelligence Reporting Server to download any file from the machine hosting the service, causing high impact on confidentiality of the application...

7.7 CVSS · 0.00428 EPSS
Exploits 0 · References 2

Cvelist
added 2024/09/20 12:0 a.m. · 17 views

CVE-2024-46646

eNMS up to 4.7.1 is vulnerable to Directory Traversal via /download/file...

0.00825 EPSS
Exploits 1 · References 1

CNNVD
added 2024/09/20 12:0 a.m. · 3 views

eNMS security vulnerability

eNMS is a network automation platform from eNMS Open Source. A security vulnerability exists in eNMS versions prior to 4.7.1 that stems from vulnerability to directory traversal attacks via /download/file...

6.5 CVSS · 6.7 AI score · 0.00825 EPSS
Exploits 1 · References 2

VulnCheck KEV
added 2024/09/19 12:0 a.m. · 2 views

VulnCheck KEV: CVE-2017-11511

The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the filepath parameter for the download-file URL. An unauthenticated remote attacker can use this vulnerability to download arbitrary files...

7.5 CVSS · 7.2 AI score · 0.03538 EPSS
Exploits 0 · References 1

OSV
added 2024/09/04 7:15 a.m. · 3 views

CVE-2024-8104

The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.0.8 via the downloadfileajax function. This makes it possible for authenticated attackers, with subscriber access and above, to read the contents of...

6.5 CVSS · 5.9 AI score · 0.00957 EPSS
Exploits 0 · References 3

Positive Technologies
added 2024/09/04 12:0 a.m. · 4 views

PT-2024-38804 · WordPress · Wp Extended

Name of the Vulnerable Software and Affected Versions: WP Extended plugin for WordPress versions up to, and including, 3.0.8
Description: The issue allows authenticated attackers, with subscriber access and above, to read the contents of arbitrary files on the server, which can contain sensitive...

8.8 CVSS · 7 AI score · 0.00957 EPSS
Exploits 0 · References 12

Packet Storm
added 2024/09/01 12:0 a.m. · 188 views

Cisco Firepower Management Console 6.0 Post Auth Report Download Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cisco Firepower Management Console 6.0 Post Auth Report Download Directory Traversal", 'Description' = %q This module exploits a directory...

6.5 CVSS · 7 AI score · 0.36617 EPSS
Exploits 5

VulnCheck KEV
added 2024/07/30 12:0 a.m. · 2 views

VulnCheck KEV: CVE-2021-20123

Draytek VigorConnect contains a path traversal vulnerability in the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges...

7.8 CVSS · 7.4 AI score · 0.74854 EPSS
Exploits 1 · References 1