11270 matches found
Pretalx Arbitrary File Read/Limited File Write
This module exploits functionality in Pretalx that export conference schedule as zipped file. The Pretalx will iteratively include any file referenced by any HTML tag and does not properly check the path of the file, which can lead to arbitrary file read. The module requires credentials that allo...
Metasploit Weekly Wrap-Up 08/28/2025
New module content 2 Pretalx Arbitrary File Read/Limited File Write Authors: Stefan Schiller and msutovsky-r7 Type: Auxiliary and Exploit Pull request: 20480 contributed by msutovsky-r7 Path: auxiliary/scanner/http/pretalxfilereadcve202328459 and exploit/linux/http/pretalxrcecve202328458 Attacker...
Security Bulletin: IBM Cognos Dashboards on Cloud Pak for Data has addressed security vulnerabilities.
Summary There are vulnerabilities in IBM® Semeru Runtime and Open-Source Software OSS components consumed by IBM Cognos Dashboards on Cloud Pak for Data. Vulnerability Details CVEID:CVE-2025-25193 DESCRIPTION: Netty, an asynchronous, event-driven network application framework, has a vulnerability...
CVE-2024-13982
SPON IP Network Broadcast System, a digital audio transmission platform developed by SPON Communications, contains an arbitrary file read vulnerability in the rjgettoken.php endpoint. The flaw arises from insufficient input validation on the jsondataurl parameter, which allows attackers to perfor...
CVE-2024-13982 SPON IP Network Intercom System rj_get_token.php Arbitrary File Read
SPON IP Network Broadcast System, a digital audio transmission platform developed by SPON Communications, contains an arbitrary file read vulnerability in the rjgettoken.php endpoint. The flaw arises from insufficient input validation on the jsondataurl parameter, which allows attackers to perfor...
CVE-2024-13982 SPON IP Network Intercom System rj_get_token.php Arbitrary File Read
SPON IP Network Broadcast System, a digital audio transmission platform developed by SPON Communications, contains an arbitrary file read vulnerability in the rjgettoken.php endpoint. The flaw arises from insufficient input validation on the jsondataurl parameter, which allows attackers to perfor...
CVE-2024-13982
CVE-2024-13982 affects SPON IP Network Broadcast System. The vulnerability is an arbitrary file read in the rj_get_token.php endpoint caused by insufficient validation of jsondata[url], enabling directory traversal via unauthenticated crafted POST requests to read arbitrary server files (potentia...
PT-2025-34953 · Spon Communications · Spon Ip Network Broadcast System
Name of the Vulnerable Software and Affected Versions: SPON IP Network Broadcast System affected versions not specified Description: SPON IP Network Broadcast System, a digital audio transmission platform developed by SPON Communications, contains an arbitrary file read flaw. The issue stems from...
Linux Distros Unpatched Vulnerability : CVE-2024-6781
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Path traversal in Calibre = 7.14.0 allow unauthenticated attackers to achieve arbitrary file read. CVE-2024-6781 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2017-16790
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. When a form is submitted by the user, the request handler...
Linux Distros Unpatched Vulnerability : CVE-2025-30224
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MyDumper is a MySQL Logical Backup Tool. The MySQL C client library libmysqlclient allows authenticated remote actors to read arbitrary files from client system...
Linux Distros Unpatched Vulnerability : CVE-2021-22203
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7.9 before 13.8.7, all versions starting from 13.9 before 13.9.5, and all...
Linux Distros Unpatched Vulnerability : CVE-2021-22201
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9. A specially crafted import file could read files on the server...
GHSA-CFMV-H8FX-85M7 xml2rfc has an arbitrary file read vulnerability
Impact When generating PDF files, this vulnerability allows an attacker to read arbitrary files from the filesystem by injecting malicious link element into the XML. Workarounds Test untrusted input with link elements with rel="attachment" before processing. Credits This vulnerability was reporte...
xml2rfc has an arbitrary file read vulnerability
Impact When generating PDF files, this vulnerability allows an attacker to read arbitrary files from the filesystem by injecting malicious link element into the XML. Workarounds Test untrusted input with link elements with rel="attachment" before processing. Credits This vulnerability was reporte...
Adobe ColdFusion Server-Side Request Forgery Vulnerability
Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. Adobe ColdFusion has a server-side request forgery vulnerability that can be exploited by an attacker t...
Linux Distros Unpatched Vulnerability : CVE-2021-43008
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by...
CVE-2025-29421
PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the getThemeFileContent function...
CVE-2025-29421
PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the getThemeFileContent function...
CVE-2025-52456
A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .webp animation an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based...