Lucene search
K

11270 matches found

Metasploit
Metasploit
added 2025/08/28 6:53 p.m.456 views

Pretalx Arbitrary File Read/Limited File Write

This module exploits functionality in Pretalx that export conference schedule as zipped file. The Pretalx will iteratively include any file referenced by any HTML tag and does not properly check the path of the file, which can lead to arbitrary file read. The module requires credentials that allo...

5.9AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2025/08/28 6:49 p.m.6 views

Metasploit Weekly Wrap-Up 08/28/2025

New module content 2 Pretalx Arbitrary File Read/Limited File Write Authors: Stefan Schiller and msutovsky-r7 Type: Auxiliary and Exploit Pull request: 20480 contributed by msutovsky-r7 Path: auxiliary/scanner/http/pretalxfilereadcve202328459 and exploit/linux/http/pretalxrcecve202328458 Attacker...

10CVSS7AI score0.35256EPSS
Exploits10
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/28 2:43 p.m.7 views

Security Bulletin: IBM Cognos Dashboards on Cloud Pak for Data has addressed security vulnerabilities.

Summary There are vulnerabilities in IBM® Semeru Runtime and Open-Source Software OSS components consumed by IBM Cognos Dashboards on Cloud Pak for Data. Vulnerability Details CVEID:CVE-2025-25193 DESCRIPTION: Netty, an asynchronous, event-driven network application framework, has a vulnerability...

8.7CVSS7.3AI score0.01966EPSS
Exploits1Affected Software1
NVD
NVD
added 2025/08/27 10:15 p.m.9 views

CVE-2024-13982

SPON IP Network Broadcast System, a digital audio transmission platform developed by SPON Communications, contains an arbitrary file read vulnerability in the rjgettoken.php endpoint. The flaw arises from insufficient input validation on the jsondataurl parameter, which allows attackers to perfor...

8.7CVSS0.00985EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/08/27 9:26 p.m.3 views

CVE-2024-13982 SPON IP Network Intercom System rj_get_token.php Arbitrary File Read

SPON IP Network Broadcast System, a digital audio transmission platform developed by SPON Communications, contains an arbitrary file read vulnerability in the rjgettoken.php endpoint. The flaw arises from insufficient input validation on the jsondataurl parameter, which allows attackers to perfor...

8.7CVSS7.2AI score0.00985EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/08/27 9:26 p.m.10 views

CVE-2024-13982 SPON IP Network Intercom System rj_get_token.php Arbitrary File Read

SPON IP Network Broadcast System, a digital audio transmission platform developed by SPON Communications, contains an arbitrary file read vulnerability in the rjgettoken.php endpoint. The flaw arises from insufficient input validation on the jsondataurl parameter, which allows attackers to perfor...

8.7CVSS0.00985EPSS
Exploits0References3
CVE
CVE
added 2025/08/27 9:26 p.m.17 views

CVE-2024-13982

CVE-2024-13982 affects SPON IP Network Broadcast System. The vulnerability is an arbitrary file read in the rj_get_token.php endpoint caused by insufficient validation of jsondata[url], enabling directory traversal via unauthenticated crafted POST requests to read arbitrary server files (potentia...

8.7CVSS7.2AI score0.00985EPSS
In wildExploits0References3
Positive Technologies
Positive Technologies
added 2025/08/27 12:0 a.m.5 views

PT-2025-34953 · Spon Communications · Spon Ip Network Broadcast System

Name of the Vulnerable Software and Affected Versions: SPON IP Network Broadcast System affected versions not specified Description: SPON IP Network Broadcast System, a digital audio transmission platform developed by SPON Communications, contains an arbitrary file read flaw. The issue stems from...

8.7CVSS6.5AI score0.00985EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-6781

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Path traversal in Calibre = 7.14.0 allow unauthenticated attackers to achieve arbitrary file read. CVE-2024-6781 Note that Nessus relies on the presence of the...

7.5CVSS5.9AI score0.62696EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2017-16790

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. When a form is submitted by the user, the request handler...

6.5CVSS6.9AI score0.01553EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-30224

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MyDumper is a MySQL Logical Backup Tool. The MySQL C client library libmysqlclient allows authenticated remote actors to read arbitrary files from client system...

5.1CVSS6AI score0.00657EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-22203

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7.9 before 13.8.7, all versions starting from 13.9 before 13.9.5, and all...

9.8CVSS8.3AI score0.01388EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2021-22201

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9. A specially crafted import file could read files on the server...

9.6CVSS6.9AI score0.03073EPSS
Exploits1References2
OSV
OSV
added 2025/08/26 5:45 p.m.3 views

GHSA-CFMV-H8FX-85M7 xml2rfc has an arbitrary file read vulnerability

Impact When generating PDF files, this vulnerability allows an attacker to read arbitrary files from the filesystem by injecting malicious link element into the XML. Workarounds Test untrusted input with link elements with rel="attachment" before processing. Credits This vulnerability was reporte...

8.7CVSS7AI score0.00265EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/08/26 5:45 p.m.10 views

xml2rfc has an arbitrary file read vulnerability

Impact When generating PDF files, this vulnerability allows an attacker to read arbitrary files from the filesystem by injecting malicious link element into the XML. Workarounds Test untrusted input with link elements with rel="attachment" before processing. Credits This vulnerability was reporte...

7AI score0.00265EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2025/08/26 12:0 a.m.2 views

Adobe ColdFusion Server-Side Request Forgery Vulnerability

Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. Adobe ColdFusion has a server-side request forgery vulnerability that can be exploited by an attacker t...

2.7CVSS6.6AI score0.00717EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2021-43008

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by...

7.5CVSS7.2AI score0.13641EPSS
Exploits4References2
NVD
NVD
added 2025/08/25 5:15 p.m.3 views

CVE-2025-29421

PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the getThemeFileContent function...

7.5CVSS0.00335EPSS
Exploits1References1
OSV
OSV
added 2025/08/25 5:15 p.m.3 views

CVE-2025-29421

PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the getThemeFileContent function...

7.5CVSS7.2AI score
Exploits0References1
NVD
NVD
added 2025/08/25 3:15 p.m.5 views

CVE-2025-52456

A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .webp animation an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based...

8.8CVSS0.00636EPSS
Exploits1References2
Rows per page
Query Builder