
CVE
added 2025/07/26 7:23 a.m.

CVE-2025-6989

CVE-2025-6989 (KALLYAS theme for WordPress) is an authenticated (Contributor+) arbitrary folder deletion vulnerability in all versions up to 4.21.0: delete_font() uses insufficient file-path validation, enabling an attacker to delete arbitrary folders on the server. The issue, with CVSS 3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:...

CVSS 8.1 · AI score 6.4 · EPSS 0.00434
Exploits 0 · References 2
Vulnrichment
added 2025/07/26 7:23 a.m.

CVE-2025-6989 Kallyas <= 4.21.0 - Authenticated (Contributor+) Arbitrary Folder Deletion

The Kallyas theme for WordPress is vulnerable to arbitrary folder deletion due to insufficient file path validation in the delete_font function in all versions up to, and including, 4.21.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete...

CVSS 8.1 · AI score 6.3 · EPSS 0.00434
Exploits 0 · References 2
Positive Technologies
added 2025/07/26 12:00 a.m.

PT-2025-30949 · Dbgate · Dbgate +1

Vulnerable software and affected versions: DbGate versions 6.6.0 and below. Description: DbGate, a cross-platform database manager, allows unauthorized file access due to insufficient validation of file paths and types. A user with application-level access can retrieve data from...

CVSS 8.3 · AI score 6.1 · EPSS 0.00509
Exploits 0 · References 5
Positive Technologies
added 2025/07/26 12:00 a.m.

PT-2025-30968 · WordPress · Kallyas

Vulnerable software and affected versions: Kallyas versions prior to 4.21.1. Description: The Kallyas theme for WordPress is susceptible to arbitrary folder deletion due to inadequate file path validation within the delete font function. Authenticated attackers possessing...

CVSS 8.1 · AI score 6.7 · EPSS 0.00434
Exploits 0 · References 5
Veracode
added 2025/07/24 5:27 a.m.

Improper Access Control

org.apache.jena:jena-fuseki is vulnerable to improper access control. Insufficient validation or restriction of file path locations when administrators create database files in Apache Jena allows creation of files outside the intended directory structure...

CVSS 7.5 · AI score 6.1 · EPSS 0.01036
Exploits 0 · References 6 · Affected Software 1
Ubuntu
added 2025/07/23 11:50 a.m.

USN-7366-2: Rack vulnerabilities

USN-7366-1 fixed vulnerabilities in Rack. This update provides the corresponding updates for Ubuntu 25.04. Original advisory details: Nhật Thái Đỗ discovered that Rack incorrectly handled certain usernames. A remote attacker could possibly use this issue to perform CRLF injection. CVE-2025-25184...

CVSS 7.5 · AI score 7.1 · EPSS 0.01354
Exploits 1
CNVD
added 2025/07/23 12:00 a.m.

Apache Jena Input Validation Error Vulnerability

Apache Jena is the Apache Software Foundation's open source Java framework for building semantic web and linked data applications. A file path validation vulnerability exists in Apache Jena 5.4.0 and earlier, stemming from a failure to validate file access paths in configuration files...

CVSS 8.8 · AI score 7.0 · EPSS 0.00709
Exploits 0 · References 1
CNNVD
added 2025/07/22 12:00 a.m.

Shenzhen Libituo Technology LBT-T300-T310 Security Vulnerability

The Shenzhen Libituo Technology LBT-T300-T310 is an industrial router made by Shenzhen Libituo Technology, China. A security vulnerability exists in LBT-T300-T310 version 2.2.3.6, caused by a buffer overflow in the function sub40B6F0 in the fi...

CVSS 9.0 · AI score 9.0 · EPSS 0.01491
Exploits 1 · References 7
CNVD
added 2025/07/21 12:00 a.m.

Online Library Management System /admin/student-history.php File SQL Injection Vulnerability

Online Library Management System is an online library management system. A SQL injection vulnerability exists in Online Library Management System because externally supplied input in the parameter stdid of the file /admin/student-history.php is used in an SQL statement without validation. An...

CVSS 8.8 · AI score 7.2 · EPSS 0.00205
Exploits 1 · References 1
CNVD
added 2025/07/21 12:00 a.m.

TOTOLINK T6 clearPairCfg Function Command Injection Vulnerability

TOTOLINK T6 is a wireless dual-band router from China's TOTOLINK Electronics that supports the MQTT protocol and a Telnet service. TOTOLINK T6 suffers from a command injection vulnerability that stems from the parameter ip of the function clearPairCfg in the file /cgi-bin/cstecgi.cgi in the...

CVSS 8.8 · AI score 7.7 · EPSS 0.04554
Exploits 1 · References 1
OSV
added 2025/07/20 5:15 a.m.

CVE-2025-7868

A vulnerability was found in Portabilis i-Educar up to 2.10. This issue affects some unknown processing of the file /intranet/educarcalendariodiamotivocad.php of the component Calendar Module. The manipulation of the argument Motivo/descricao results in cross site scripting. It is possible to...

CVSS 5.4 · AI score 3.9
Exploits 0 · References 5
CNNVD
added 2025/07/19 12:00 a.m.

Code-Projects Church Donation System Injection Vulnerability

The Church Donation System is a system for managing church giving. The Church Donation System suffers from a SQL injection vulnerability that stems from externally supplied input in the parameter trcode of the file /members/offering.php being used in an SQL statement without validation. An attacker can exploit this...

CVSS 9.8 · AI score 8.2 · EPSS 0.00204
Exploits 1 · References 6
CNVD
added 2025/07/18 12:00 a.m.

Mobile Shop LoginAsAdmin.php File SQL Injection Vulnerability

Mobile Shop is a mobile store application. Mobile Shop suffers from a SQL injection vulnerability that stems from externally supplied input in the parameter email of the file /LoginAsAdmin.php being used in an SQL statement without validation. An attacker can exploit this vulnerability to execute illegal SQL commands to...

CVSS 9.8 · AI score 8.2 · EPSS 0.00204
Exploits 1 · References 1
CNNVD
added 2025/07/18 12:00 a.m.

Code-Projects Food Ordering Review System Injection Vulnerability

Code-Projects Food Ordering Review System is an open source food ordering review system from Code-Projects. A SQL injection vulnerability exists in Code-Projects Food Ordering Review System version 1.0, originating from unsanitized use of the parameter fname in the file...

CVSS 9.8 · AI score 7.8 · EPSS 0.00204
Exploits 1 · References 6
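The entries for /admin/student-history.php (stdid), /members/offering.php (trcode), /LoginAsAdmin.php (email) and the Food Ordering Review System (fname) all describe the same defect: a request parameter spliced into SQL text. The following is an added example in Python against an in-memory SQLite table, not code from any of those projects; the table, its columns and its rows are constructed for illustration. It shows the string-built query beside the parameterised one, and what a tautology and a UNION payload do to each.

```python
import sqlite3

# Constructed sample data (hypothetical): an offerings table keyed by a
# transaction code, standing in for the trcode / stdid / email lookups above.
ROWS = [
    (1, "A1", "alice", 50),
    (2, "B2", "bob", 75),
    (3, "C3", "carol", 20),
]


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE offerings (id INTEGER, trcode TEXT, member TEXT, amount INTEGER)"
    )
    conn.executemany("INSERT INTO offerings VALUES (?, ?, ?, ?)", ROWS)
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, trcode: str) -> list:
    """Vulnerable pattern: the request parameter is spliced into the SQL text,
    so a quote inside it terminates the literal and the remainder is parsed
    as SQL by the database."""
    sql = f"SELECT member, amount FROM offerings WHERE trcode = '{trcode}'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn: sqlite3.Connection, trcode: str) -> list:
    """Hardened pattern: the value is bound as a parameter. The statement's
    structure is fixed before the value arrives, so quotes in it are data."""
    return conn.execute(
        "SELECT member, amount FROM offerings WHERE trcode = ?", (trcode,)
    ).fetchall()


# Two classic probes: a tautology that widens the WHERE clause to every row,
# and a UNION that appends the schema from sqlite_master (the '--' comments
# out the closing quote the template would otherwise leave dangling).
TAUTOLOGY = "' OR '1'='1"
SCHEMA_LEAK = "' UNION SELECT name, sql FROM sqlite_master --"


def demo() -> dict:
    conn = make_db()
    return {
        "normal": lookup_vulnerable(conn, "A1"),            # [('alice', 50)]
        "vuln_tautology": lookup_vulnerable(conn, TAUTOLOGY),  # all three rows
        "vuln_schema": lookup_vulnerable(conn, SCHEMA_LEAK),   # table name + CREATE statement
        "safe_tautology": lookup_safe(conn, TAUTOLOGY),        # [] : no code equals the payload
        "safe_schema": lookup_safe(conn, SCHEMA_LEAK),         # []
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {rows}")
```

The same split applies to the PHP applications listed: mysqli or PDO prepared statements with bound parameters are the parameterised form, and string concatenation into the query text is the vulnerable one regardless of how the input is "validated" beforehand.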
RedhatCVE
added 2025/07/17 1:57 p.m.

CVE-2025-34110

A directory traversal vulnerability exists in ColoradoFTP Server ≤ 1.3 Build 8 for Windows, allowing unauthenticated attackers to read or write arbitrary files outside the configured FTP root directory. The flaw is due to insufficient sanitization of user-supplied file paths in the FTP GET and PUT...

CVSS 9.3 · AI score 6.8 · EPSS 0.50601
Exploits 0 · References 1
Veracode
added 2025/07/17 10:20 a.m.

Path Traversal

github.com/google/osv-scalibr is vulnerable to path traversal due to improper validation of file paths when the unpack function is used with the --remote-image flag on untrusted container images, allowing arbitrary file writes on the host system as the...

CVSS 6.5 · AI score 6.4 · EPSS 0.00161
Exploits 0 · References 3 · Affected Software 1
NVD
added 2025/07/17 3:15 a.m.

CVE-2025-7712

The Madara - Core plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wpmangadeletezip function in all versions up to, and including, 2.2.3. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, whic...

CVSS 9.1 · EPSS 0.09395
Exploits 0 · References 2
Vulnrichment
added 2025/07/16 9:05 p.m.

CVE-2025-34120 LimeSurvey 2.0+ - 2.06+ Unauthenticated Arbitrary File Download via Serialized Backup Payload

An unauthenticated file download vulnerability exists in LimeSurvey versions from 2.0+ up to and including 2.06+ Build 151014. The application fails to validate serialized input to the admin backup endpoint index.php/admin/update/sa/backup, allowing attackers to specify arbitrary file paths using...

CVSS 8.7 · AI score 7.1 · EPSS 0.69939
Exploits 0 · References 5
CVE
added 2025/07/15 4:23 a.m.

CVE-2025-7360

CVE-2025-7360 (HT Contact Form Widget for Elementor / Gutenberg Blocks / Form Builder): the WordPress plugin, in versions up to 2.2.1, is vulnerable to an arbitrary file move due to insufficient file path validation in handle_files_upload(), allowing unauthenticated attackers to relocate files on the ...

CVSS 9.8 · AI score 6.7 · EPSS 0.02664
Exploits 0 · References 3 · Affected Software 1
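The Kallyas (delete_font), Madara (wpmangadeletezip), HT Contact Form (handle_files_upload), Apache Jena, ColoradoFTP and osv-scalibr entries above all hinge on the same missing check: a caller-supplied path is joined onto a base directory and used without confirming it still lies inside that directory. The following is an added Python example, not code from any of those projects, showing the unchecked deletion pattern beside a canonicalise-then-contain check. The directory layout it builds under a temporary directory (a "fonts" base with a sibling "uploads" directory) is constructed for illustration.

```python
import os
import shutil
import tempfile


def unsafe_delete_dir(base_dir: str, name: str) -> str:
    """Vulnerable pattern: join a caller-supplied name onto the base directory
    and delete whatever that resolves to. A name containing '../' walks out of
    base_dir, an absolute name makes os.path.join discard base_dir entirely,
    and a symlink inside base_dir is followed wherever it points."""
    target = os.path.join(base_dir, name)
    shutil.rmtree(target)
    return target


def resolve_within(base_dir: str, name: str) -> str:
    """Hardened pattern: canonicalise both sides (realpath collapses '..' and
    follows symlinks), then require the target to lie strictly inside base_dir.
    Raises ValueError for anything that escapes, including base_dir itself."""
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, name))
    try:
        inside = os.path.commonpath([base, target]) == base
    except ValueError:          # different drives, or mixed absolute/relative
        inside = False
    if not inside or target == base:
        raise ValueError(f"refusing path outside base dir: {name!r}")
    return target


def safe_delete_dir(base_dir: str, name: str) -> str:
    target = resolve_within(base_dir, name)
    shutil.rmtree(target)
    return target


def demo() -> dict:
    """Constructed layout (hypothetical): a fonts directory holding one legitimate
    font folder, and a sibling uploads directory an attacker would like to
    remove. Returns what happened to each request."""
    root = tempfile.mkdtemp()
    fonts = os.path.join(root, "fonts")
    uploads = os.path.join(root, "uploads")
    os.makedirs(os.path.join(fonts, "myfont"))
    os.makedirs(uploads)
    probes = [("traversal", "../uploads"), ("absolute", uploads),
              ("base_itself", "."), ("parent", "../..")]
    try:
        os.symlink(uploads, os.path.join(fonts, "link"))   # symlink escape
        probes.append(("symlink", "link"))
    except OSError:             # symlink creation may be denied on some platforms
        pass

    results = {}
    safe_delete_dir(fonts, "myfont")                      # legitimate request
    results["myfont"] = "deleted" if not os.path.exists(os.path.join(fonts, "myfont")) else "kept"
    for label, probe in probes:
        try:
            safe_delete_dir(fonts, probe)
            results[label] = "deleted"
        except ValueError:
            results[label] = "rejected"
    results["uploads_survived"] = os.path.isdir(uploads)
    # the unchecked version removes the sibling directory via plain traversal
    unsafe_delete_dir(fonts, "../uploads")
    results["uploads_after_unsafe"] = os.path.isdir(uploads)
    shutil.rmtree(root)
    return results


if __name__ == "__main__":
    for label, outcome in demo().items():
        print(f"{label}: {outcome}")
```

Two caveats a reviewer would raise on the hardened form. First, realpath resolves symlinks at check time, so a link swapped in between the check and the rmtree is still a race; on POSIX, working through a directory file descriptor (os.open of the base directory plus dir_fd-aware calls) narrows that window. Second, for the authenticated endpoints listed above the capability check (which roles may delete at all, plus a nonce) belongs in front of this path check, not instead of it.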
CNNVD
added 2025/07/15 12:00 a.m.

WordPress plugin Alone Security Vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blogging platform developed in PHP that supports setting up personal blog sites on servers with PHP and MySQL. A WordPress plugin is an application plugin for it. A security...

CVSS 9.1 · AI score 6.6 · EPSS 0.01804
Exploits 0 · References 3