1026 matches found
GreenCMS 路径遍历漏洞
GreenCMS is GreenCMS open source a content management system CMS based on ThinkPHP development. A path traversal vulnerability exists in GreenCMS 2.3 and earlier versions, which stems from incorrect manipulation of the parameter sqlFiles/zipFiles in the file/DataController.class.php of the...
CVE-2025-14286
A vulnerability was determined in Tenda AC9 15.03.05.14multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The...
EUVD-2025-201856
A vulnerability was determined in Tenda AC9 15.03.05.14multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The...
CVE-2025-14286
A vulnerability was determined in Tenda AC9 15.03.05.14multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The...
CVE-2025-14286
A vulnerability was determined in Tenda AC9 15.03.05.14multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The...
CVE-2025-14286
The CVE-2025-14286 entry concerns Tenda AC9 devices with version 15.03.05.14_multi. The vulnerability targets the file /cgi-bin/DownloadCfg.jpg in the Configuration File Handler, where an unknown functionality can be manipulated to disclose information. The issue can be exploited remotely, and pu...
CVE-2025-14286 Tenda AC9 Configuration File DownloadCfg.jpg information disclosure
A vulnerability was determined in Tenda AC9 15.03.05.14multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The...
PT-2025-49758
Name of the Vulnerable Software and Affected Versions Tenda AC9 version 15.03.05.14 multi Description A flaw exists in Tenda AC9 version 15.03.05.14 multi related to an unknown functionality within the /cgi-bin/DownloadCfg.jpg file of the Configuration File Handler component. This issue allows fo...
CVE-2025-13784
A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...
CVE-2025-13816
A security vulnerability has been detected in moxi159753 Mogu Blog v2 up to 5.2. The impacted element is the function FileOperation.unzip of the file /networkDisk/unzipFile of the component ZIP File Handler. Such manipulation of the argument fileUrl leads to path traversal. The attack may be...
CVE-2025-13816
A security vulnerability has been detected in moxi159753 Mogu Blog v2 up to 5.2. The impacted element is the function FileOperation.unzip of the file /networkDisk/unzipFile of the component ZIP File Handler. Such manipulation of the argument fileUrl leads to path traversal. The attack may be...
EUVD-2025-199973
A security vulnerability has been detected in moxi159753 Mogu Blog v2 up to 5.2. The impacted element is the function FileOperation.unzip of the file /networkDisk/unzipFile of the component ZIP File Handler. Such manipulation of the argument fileUrl leads to path traversal. The attack may be...
CVE-2025-13816 moxi159753 Mogu Blog v2 ZIP File unzipFile FileOperation.unzip path traversal
A security vulnerability has been detected in moxi159753 Mogu Blog v2 up to 5.2. The impacted element is the function FileOperation.unzip of the file /networkDisk/unzipFile of the component ZIP File Handler. Such manipulation of the argument fileUrl leads to path traversal. The attack may be...
Mogu blog 路径遍历漏洞
Mogu blog is a micro-architecture based front-end and back-end shared blog system by individual developers in Streamlet, China. A path traversal vulnerability exists in Mogu blog v2 5.2 and earlier versions, which stems from the improper handling of the fileUrl parameter in the FileOperation.unzi...
PT-2025-48430
Name of the Vulnerable Software and Affected Versions moxi159753 Mogu Blog v2 versions up to 5.2 Description A security issue exists in moxi159753 Mogu Blog v2. The FileOperation.unzip function within the ZIP File Handler component, located in the /networkDisk/unzipFile file, is susceptible to pa...
CVE-2025-13787
A flaw has been found in ZenTao up to 21.7.6-8564. The affected element is the function file::delete of the file module/file/control.php of the component File Handler. Executing manipulation of the argument fileID can lead to improper privilege management. It is possible to launch the attack...
GHSA-92X3-MFJP-J3H3 yungifez Skuul School Management System vulnerable to XSS via SVG
A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...
EUVD-2025-199925
A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...
CVE-2025-13784
A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...
CVE-2025-13784
A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...