Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

11166 matches found

CVE
CVEadded 2026/05/29 1:5 p.m.14 views

CVE-2026-45731

WWBN AVideo vulnerability CVE-2026-45731 affects view/update.php in versions 29.0 and earlier. The code reads $_POST['updateFile'] as a relative path under updatedb/ and feeds it to PHP’s file() for line-by-line execution during a database migration, enabling an authenticated administrator to rea...

6.9CVSS6AI score0.00396EPSS
Exploits1References1Affected Software1
EUVD
EUVDadded 2026/05/29 1:5 p.m.11 views

EUVD-2026-33306

WWBN AVideo is an open source video platform. In 29.0 and earlier, view/update.php reads $POST'updateFile' as a relative path under updatedb/ and passes it to PHP's file for line-by-line execution as part of a database migration. An authenticated administrator can abuse this to read arbitrary tex...

6.9CVSS6AI score0.00396EPSS
Exploits1References1
EUVD
EUVDadded 2026/05/29 12:45 p.m.7 views

EUVD-2026-33299

DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing privileged local attackers to exploit Relative Path Traversal to download arbitrary system files...

6.9CVSS5.9AI score0.00347EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/05/29 12:45 p.m.7 views

CVE-2026-10074

DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing privileged local attackers to exploit Relative Path Traversal to download arbitrary system files...

6.9CVSS5.9AI score0.00347EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/05/29 12:45 p.m.8 views

CVE-2026-10074 Interinfo|DreamMaker - Arbitrary File Read

DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing privileged local attackers to exploit Relative Path Traversal to download arbitrary system files...

6.9CVSS5.9AI score0.00347EPSS
Exploits0References2
CVE
CVEadded 2026/05/29 12:45 p.m.13 views

CVE-2026-10074

CVE-2026-10074 : DreamMaker (Interinfo) is affected by an Arbitrary File Read vulnerability that enables a privileged local attacker to perform a Relative Path Traversal to download arbitrary system files. The issue is described across multiple sources as a file-read exposure with a potential con...

6.9CVSS5.9AI score0.00347EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/05/29 12:39 p.m.6 views

CVE-2026-10073

DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing unauthenticated local attackers to exploit Relative Path Traversal to download arbitrary system files...

8.7CVSS5.9AI score0.00353EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/05/29 12:39 p.m.27 views

CVE-2026-10073 Interinfo|DreamMaker - Arbitrary File Read

DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing unauthenticated local attackers to exploit Relative Path Traversal to download arbitrary system files...

8.7CVSS0.00353EPSS
Exploits0References2
EUVD
EUVDadded 2026/05/29 12:39 p.m.6 views

EUVD-2026-33294

DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing unauthenticated local attackers to exploit Relative Path Traversal to download arbitrary system files...

8.7CVSS5.9AI score0.00353EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/05/29 12:39 p.m.7 views

CVE-2026-10073 Interinfo|DreamMaker - Arbitrary File Read

DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing unauthenticated local attackers to exploit Relative Path Traversal to download arbitrary system files...

8.7CVSS5.9AI score0.00353EPSS
Exploits0References2
CVE
CVEadded 2026/05/29 12:39 p.m.15 views

CVE-2026-10073

DreamMaker by Interinfo is affected by an Arbitrary File Read via Relative Path Traversal, allowing unauthenticated local access to download arbitrary system files. CVSS v3.1 base score 7.5 (HIGH) and CVSS v4.0 base score 8.7 (HIGH). No exploitation status or patch details are provided in the sup...

8.7CVSS5.9AI score0.00353EPSS
Exploits0References2
NVD
NVDadded 2026/05/29 12:16 p.m.10 views

CVE-2025-41271

Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to read arbitrary files from the device...

8.7CVSS0.00434EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/29 10:51 a.m.7 views

CVE-2025-41271

Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to read arbitrary files from the device...

8.7CVSS6AI score0.00434EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/05/29 10:51 a.m.8 views

CVE-2025-41271

Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to read arbitrary files from the device...

8.7CVSS6AI score0.00434EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/29 10:51 a.m.33 views

CVE-2025-41271

Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to read arbitrary files from the device...

8.7CVSS0.00434EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/29 12:38 a.m.8 views

EUVD-2026-33061

Usagi-org ai-goofish-monitor contains an unauthenticated arbitrary file read vulnerability in the GET /api/prompts/filename endpoint on Windows deployments that allows unauthenticated remote attackers to read arbitrary files by supplying absolute Windows paths or backslash-based traversal...

8.2CVSS6AI score0.006EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/05/29 12:0 a.m.10 views

PT-2026-44837

DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing unauthenticated local attackers to exploit Relative Path Traversal to download arbitrary system files...

8.7CVSS5.9AI score0.00353EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/05/29 12:0 a.m.8 views

PT-2026-44924

Name of the Vulnerable Software and Affected Versions xiaomusic version 0.5.7 Description An unauthenticated path traversal issue exists in the 'GET /music/file path:path' endpoint. This occurs due to an incomplete path prefix check and a missing trailing separator in the comparison logic...

8.7CVSS5.9AI score0.00469EPSS
Exploits0References9
Exploit DB
Exploit DBadded 2026/05/29 12:0 a.m.47 views

Prodigy Commerce 3.3.0 - Local File Inclusion

Exploit Title: Prodigy Commerce 3.3.0 - Local File Inclusion Date: 23-05-2026 Exploit Author: Diamorphine Vendor Homepage: https://prodigycommerce.com/ Software Link: https://wordpress.org/plugins/prodigy-commerce/ Version: 3.2.9 Tested on: Debian CVE : CVE-2026-0926 Description: Prodigy Commerce...

9.8CVSS5.8AI score0.06124EPSS
Exploits4
Positive Technologies
Positive Technologiesadded 2026/05/29 12:0 a.m.10 views

PT-2026-44838

DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing privileged local attackers to exploit Relative Path Traversal to download arbitrary system files...

6.9CVSS5.9AI score0.00347EPSS
Exploits0References3
Rows per page
Query Builder