2494 matches found
AZL-64073 CVE-2025-4748 affecting package erlang 26.2.5.17-1
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdlib modules allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1, zip:unzip/2,...
CVE-2025-4748
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdlib modules allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1, zip:unzip/2,...
DEBIAN-CVE-2025-4748
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdlib modules allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1, zip:unzip/2,...
CVE-2025-4748
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdlib modules allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1, zip:unzip/2,...
AZL-64068 CVE-2025-4748 affecting package erlang for versions less than 25.3.2.21-2
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdlib modules allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1, zip:unzip/2,...
CVE-2025-4748 Absolute path traversal in zip:unzip/1,2
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdlib modules allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1, zip:unzip/2,...
CVE-2025-4748 Absolute path traversal in zip:unzip/1,2
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdlib modules allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1, zip:unzip/2,...
CVE-2025-4748
CVE-2025-4748 – Erlang/OTP path traversal in stdlib zip handling: The issue arises from path restriction flaws in lib/stdlib/src/zip.erl, affecting OTP 17.0 up to 28.0.1 (including OTP 27.3.4.1 and 26.2.5.13) and corresponding stdlib 2.0–7.0.1, 6.2.2.1, 5.2.3.4. It enables absolute path traversa...
javahongxi whatsmars Path Traversal Vulnerability
javahongxi whatsmars is a Java eco-research by Redxi Individual Developers. A path traversal vulnerability exists in javahongxi whatsmars version 2021.4.0, which stems from a path traversal issue that could lead to file manipulation...
hansonwang99 Spring-Boot-In-Action Path Traversal Vulnerability
hansonwang99 Spring-Boot-In-Action is hansonwang99 individual developer of a Spring Boot series of practical collection. hansonwang99 Spring-Boot-In-Action has a path traversal vulnerability that stems from a path traversal issue that could lead to file manipulation...
Erlang/OTP Path Traversal Vulnerability
Erlang/OTP is an Erlang/OTP open source library written in JavaScript that handles processing exceptions. The library can catch exceptions raised by the node.js built-in API. A path traversal vulnerability exists in Erlang/OTP versions 17.0 through 28.0.1, 27.3.4.1, and 26.2.5.13, which stems fro...
Erlang - Absolute Path in Zip Module
https://github.com/erlang/otp/security/advisories/GHSA-9g37-pgj9-wrhc reports: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdlib modules allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program...
PT-2025-25276 · Unknown · Kicode111 Like-Girl
Name of the Vulnerable Software and Affected Versions: kiCode111 like-girl version 5.2.0. Description: A critical issue has been found in the processing of the file /admin/ImgUpdaPost.php. The manipulation of the argument id, imgText, imgDatd, or imgUrl leads to SQL injection. The attack may be...
CVE-2025-5973
PHPGurukul Restaurant Table Booking System 1.0 contains a cross-site scripting (XSS) flaw in the /admin/add-table.php file. The vulnerability arises from manipulation of the tableno parameter in an unknown functionality, enabling remote attacker input that can execute scripts in a user’s browser ...
CVE-2025-5886 Emlog article.php cross site scripting
A vulnerability was found in Emlog up to 2.5.7 and classified as problematic. This issue affects some unknown processing of the file /admin/article.php. The manipulation of the argument activepost leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed ...
CVE-2025-5881
CVE-2025-5881 affects code-projects Chat System (versions up to 1.0). Multiple connected sources describe a vulnerability in /user/confirm_password.php where manipulating the parameter cid allows an SQL injection. Exploitation can be remote and the vulnerability has been disclosed publicly. Evide...
CVE-2025-5706
A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /new-user-testing.php. The manipulation of the argument state leads to SQL injection. The attack ca...
CVE-2025-5617
A vulnerability classified as critical has been found in PHPGurukul Online Fire Reporting System 1.2. This affects an unknown part of the file /admin/manage-teams.php. The manipulation of the argument teamid leads to SQL injection. It is possible to initiate the attack remotely. The exploit has...
CVE-2025-5758 SourceCodester Open Source Clinic Management System doctor.php sql injection
A vulnerability classified as critical has been found in SourceCodester Open Source Clinic Management System 1.0. This affects an unknown part of the file /doctor.php. The manipulation of the argument doctorname leads to SQL injection. It is possible to initiate the attack remotely. The exploit h...
PT-2025-24060 · Undefined · Undefined
CVSS: 4.3. Impact: Loss of Availability, Loss of Confidentiality, Loss of Integrity. Description: A remote authenticated attacker can exploit a vulnerability in Synology DiskStation Manager and Synology Router Manager in order to manipulate files. Affected Versions: Synology - Synology Router Manager -...