Lucene search
K

11 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/26 6:0 a.m.2 views

CVE-2025-15433

The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server such as wp-config.php via a path traversal vector...

6.8CVSS5.8AI score0.0043EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/09 8:26 p.m.8 views

CVE-2016-20023

In CKSource CKFinder before 2.5.0.1 for ASP.NET, authenticated users could download any file from the server if the correct path to a file was provided...

6.5CVSS6.7AI score0.003EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/07/25 12:0 a.m.8 views

The vulnerability of the File Extension Handler component in the Mozilla Firefox browser allows a hacker to load any file they desire.

The vulnerability of the File Extension Handler component in the Mozilla Firefox browser is related to the ability to download files of a malicious nature without limitation. Exploiting this vulnerability allows an attacker to download any file at will...

8.1CVSS7.4AI score0.00372EPSS
Exploits0References13Affected Software3
CNNVD
CNNVD
added 2025/05/28 12:0 a.m.5 views

IBM Security Guardium 安全漏洞

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium has an information disclosure...

6.5CVSS6.1AI score0.00294EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/18 12:0 a.m.8 views

PT-2024-32832 · Markus · Markus

Name of the Vulnerable Software and Affected Versions: MarkUs versions prior to 2.4.8 Description: The issue affects MarkUs, a web application for the submission and grading of student assignments. It is vulnerable to path traversal, allowing authenticated instructors to download any file on the...

5.7CVSS6.8AI score0.00729EPSS
Exploits0References6
OSV
OSV
added 2024/10/08 4:15 a.m.8 views

CVE-2024-37179

SAP BusinessObjects Business Intelligence Platform allows an authenticated user to send a specially crafted request to the Web Intelligence Reporting Server to download any file from the machine hosting the service, causing high impact on confidentiality of the application...

6.5CVSS5.8AI score0.00428EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/05/06 12:0 a.m.6 views

Hongdian H8922 路径遍历漏洞

The Hongdian H8922 is a router from the Chinese company Hongdian. A path traversal vulnerability exists in the Hongdian H8922 3.0.5 devices. The vulnerability allows remote attackers to download any file from the device with minimal privileges...

6.5CVSS7.2AI score0.13751EPSS
Exploits1References2
OSV
OSV
added 2020/07/06 6:15 p.m.3 views

CVE-2020-5356

Dell PowerProtect Data Manager PPDM versions prior to 19.4 and Dell PowerProtect X400 versions prior to 3.2 contain an improper authorization vulnerability. A remote authenticated malicious user may download any file from the affected PowerProtect virtual machines...

6.5CVSS6.7AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2018/11/30 2:29 p.m.3 views

CVE-2018-9072

In versions prior to 5.5, LXCI for VMware allows an authenticated user to download any system file due to insufficient input sanitization during file downloads...

6.5CVSS5.5AI score0.00858EPSS
Exploits0References2
OSV
OSV
added 2018/05/25 12:29 p.m.6 views

UBUNTU-CVE-2018-1135

An issue was discovered in Moodle 3.x. Students who posted on forums and exported the posts to portfolios can download any stored Moodle file by changing the download URL...

6.5CVSS7.3AI score0.01201EPSS
Exploits0References3
OSV
OSV
added 2017/04/20 10:59 p.m.3 views

CVE-2017-6614

A vulnerability in the file-download feature of the web user interface for Cisco FindIT Network Probe Software 1.0.0 could allow an authenticated, remote attacker to download and view any system file by using the affected software. The vulnerability is due to the absence of role-based access...

6.5CVSS5.8AI score0.01738EPSS
Exploits0References2
Rows per page
Query Builder