132 matches found
EUVD-2018-11533
Malware in sbrugna...
EUVD-2019-10745
Malware in sbrugna...
EUVD-2020-16624
Malware in sbrugna...
EUVD-2017-9247
Malware in sbrugna...
EUVD-2024-50850
Malicious code in bioql PyPI...
EUVD-2024-46451
Malicious code in bioql PyPI...
EUVD-2023-46232
Malicious code in bioql PyPI...
EUVD-2024-27314
Malicious code in bioql PyPI...
CVE-2025-48006
Improper restriction of XML external entity reference issue exists in DataSpider Servista 4.4 and earlier. If a specially crafted request is processed, arbitrary files on the file system where the server application for the product is installed may be read, or a denial-of-service (DoS) condition ma...
CVE-2025-20148
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document. This vulnerability is due to improper validation of user-supplied data. An...
CVE-2025-44962
RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ directory traversal to read files...
Exploit for CVE-2025-30208
🔥 CVE-2025-30208 Vite Arbitrary File Read Vulnerability Scanne...
Exploit for CVE-2025-1094
I have written this exploit with reference to the PoC available...
CVE-2023-32322
Ombi is an open source application which allows users to request specific media from popular self-hosted streaming servers. Versions prior to 4.38.2 contain an arbitrary file read vulnerability where an Ombi administrative user may access files available to the Ombi server process on the host...
CVE-2012-6099
The moodle1 backup converter in backup/converter/moodle1/lib.php in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 does not properly validate pathnames, which allows remote authenticated users to read arbitrary files by leveraging the backup-restoration...
CVE-2006-6974
Headstart Solutions DeskPRO stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) list files in the includes/ directory; obtain the SQL username and password via a direct request for (2) config.php and (3) config.php.bak in includes/; rea...
CVE-2025-2777 SysAid On-Prem <= 23.3.40 lshw Processing XML External Entity Injection
SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the lshw processing functionality, allowing for administrator account takeover and file read primitives...
PT-2025-18685
Name of the Vulnerable Software and Affected Versions: Stirling-PDF versions prior to 0.45.0. Description: Stirling-PDF is a locally hosted web application that allows users to perform various operations on PDF files. The application is vulnerable to SSRF-induced arbitrary file read due to WeasyPrin...
CVE-2024-8955
A Server-Side Request Forgery (SSRF) vulnerability exists in composiohq/composio version v0.4.4. This vulnerability allows an attacker to read the contents of any file in the system by exploiting the BROWSERTOOLGOTOPAGE and BROWSERTOOLGETPAGEDETAILS actions...
CVE-2024-8055
Vanna v0.6.3 is vulnerable to SQL injection via Snowflake database in its file staging operations using the PUT and COPY commands. This vulnerability allows unauthenticated remote users to read arbitrary local files on the victim server, such as /etc/passwd, by exploiting the exposed SQL queries...