PT-2025-53332

Name of the Vulnerable Software and Affected Versions Beward N100 H.264 VGA IP Camera version M2.1.6 Description The Beward N100 H.264 VGA IP Camera version M2.1.6 contains a flaw that allows authorized attackers to access arbitrary system files. This is possible through the READ.filePath...

CMSimple 安全漏洞

CMSimple is a free content management system. CMSimple suffers from a file inclusion vulnerability that stems from improper handling of template/function include paths, which allows the application to include local files without securely restricting and validating the file paths. An attacker can...

Home Assistant 安全漏洞

Home Assistant is an open source home automation management system from Home Assistant Open Source. The system is primarily used to control home automation devices. A security vulnerability exists in Home Assistant versions prior to 2025.8.0 that stems from insufficient file path validation and...

EUVD-2025-204686

A vulnerability was determined in code-projects Refugee Food Management System 1.0. The affected element is an unknown function of the file /home/home.php. This manipulation of the argument a causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly...

hdf5: HDF5 heap-based overflow

A heap-based buffer overflow was found in HDF5. This flaw exists in the H5Faddrdecodelen function of the /hdf5/src/H5Fint.c file and may be triggered by input manipulation to the function. Local access is required to exploit this flaw...

CVE-2025-67442

EVE-NG 6.4.0-13-PRO is vulnerable to Directory Traversal. The /api/export interface allows authenticated users to export lab files. This interface lacks effective input validation and filtering when processing file path parameters submitted by users...

GHSA-F43R-CC68-GPX4 External Control of File Name or Path in Langflow

Vulnerability Overview If an arbitrary path is specified in the request body's fspath, the server serializes the Flow object into JSON and creates/overwrites a file at that path. There is no path restriction, normalization, or allowed directory enforcement, so absolute paths e.g., /etc/poc.txt ar...

External Control of File Name or Path in Langflow

Vulnerability Overview If an arbitrary path is specified in the request body's fspath, the server serializes the Flow object into JSON and creates/overwrites a file at that path. There is no path restriction, normalization, or allowed directory enforcement, so absolute paths e.g., /etc/poc.txt ar...

CVE-2025-68478 Langflow Vulnerable to External Control of File Name or Path

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0, if an arbitrary path is specified in the request body's fspath, the server serializes the Flow object into JSON and creates/overwrites a file at that path. There is no path restriction,...

CVE-2025-68478 Langflow Vulnerable to External Control of File Name or Path

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0, if an arbitrary path is specified in the request body's fspath, the server serializes the Flow object into JSON and creates/overwrites a file at that path. There is no path restriction,...

CVE-2025-68478

Langflow CVE-2025-68478 affects versions prior to 1.7.0. An authenticated user can specify an arbitrary path in the request body fs_path; the server serializes the Flow to JSON and writes it to that path without path validation or directory restrictions. This enables potential overwriting or crea...

CVE-2025-67442

EVE-NG 6.4.0-13-PRO is vulnerable to Directory Traversal. The /api/export interface allows authenticated users to export lab files. This interface lacks effective input validation and filtering when processing file path parameters submitted by users...

CVE-2025-14898

A security flaw has been discovered in CodeAstro Real Estate Management System 1.0. This affects an unknown function of the file /admin/userbuilderdelete.php of the component Administrator Endpoint. The manipulation results in sql injection. The attack can be launched remotely. The exploit has be...

CVE-2025-43526

This issue was addressed with improved URL validation. This issue is fixed in Safari 26.2, macOS Tahoe 26.2. On a Mac with Lockdown Mode enabled, web content opened via a file URL may be able to use Web APIs that should be restricted...

CVE-2025-14707 Shiguangwu sgwbox N3 DOCKER Feature http_eshell_server command injection

A security flaw has been discovered in Shiguangwu sgwbox N3 2.0.25. Affected is an unknown function of the file /usr/sbin/httpeshellserver of the component DOCKER Feature. Performing manipulation of the argument params results in command injection. The attack may be initiated remotely. The exploi...

itsourcecode COVID Tracking System SQL注入漏洞

itsourcecode COVID Tracking System is a new coronary pneumonia tracking system open-sourced by itsourcecode. An SQL injection vulnerability exists in version 1.0 of itsourcecode COVID Tracking System, which stems from an incorrect manipulation of the parameter Username in the file...

EUVD-2025-203269

A weakness has been identified in code-projects Student File Management System 1.0. This issue affects some unknown processing of the file /admin/updatestudent.php. This manipulation of the argument studid causes sql injection. The attack is possible to be carried out remotely. The exploit has be...

CVE-2025-14566

A security flaw has been discovered in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The impacted element is an unknown function of the file /Profilers/SProfile/reg.php. Performing a manipulation of the argument USN results in sql injection. It is possible to initia...

Information Disclosure

Jenkins Git Client Plugin is vulnerable to an Information Disclosure. The vulnerability is due to differential form validation behavior, where Git URL validation responses vary based on whether an attacker-specified file path exists on the Jenkins controller when using the amazon-s3 protocol,...

Command Injection

sqls-server/sqls is vulnerable to Command Injection. The vulnerability is due to improper sanitization of the EDITOR environment variable and config file path in the openEditor function, which allows an attacker to execute arbitrary commands through crafted input passed to sh -c...