11273 matches found
Cisco IOS XE Software Web Based Management Interface (cisco-sa-webui-multi-ARNHM4v6)
According to its self-reported version, Cisco IOS-XE Software is affected by multiple vulnerabilities. - A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected...
PT-2025-32975 · Wellchoose · Organization Portal System
Name of the Vulnerable Software and Affected Versions: Organization Portal System affected versions not specified Description: The Organization Portal System developed by WellChoose contains an arbitrary file reading flaw. This allows unauthenticated remote attackers to exploit Absolute Path...
WordPress Elementor Website Builder Plugin < 3.30.3 Path Traversal Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:elementor:websitebuilder"; ifdescription...
CVE-2024-48892
A relative path traversal vulnerability CWE-23 in FortiSOAR 7.6.0, 7.5.0 through 7.5.1, 7.4 all versions, 7.3 all versions may allow an authenticated attacker to read arbitrary files via uploading a malicious solution pack...
CVE-2024-40588
Multiple relative path traversal vulnerabilities CWE-23 vulnerability in Fortinet FortiCamera 2.1 all versions, FortiCamera 2.0.0, FortiCamera 1.1 all versions, FortiCamera 1.0 all versions, FortiMail 7.6.0 through 7.6.1, FortiMail 7.4.0 through 7.4.3, FortiMail 7.2 all versions, FortiMail 7.0 al...
CVE-2024-40588
CVE-2024-40588 describes multiple relative path traversal vulnerabilities in Fortinet FortiCamera, FortiMail, FortiNDR, FortiRecorder, and FortiVoice. The issue allows a privileged attacker to read files on the underlying filesystem via crafted CLI requests. Affected versions include FortiCamera ...
GHSA-7HRJ-3C9X-XV5H Magento has incorrect authorization issue that leads to arbitrary file system read
Magento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized...
Magento has incorrect authorization issue that leads to arbitrary file system read
Magento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized...
CVE-2025-5468
CVE-2025-5468 covers Ivanti products (Connect Secure, Policy Secure, ZTA Gateway, Neurons for Secure Access). The root cause is improper handling of symbolic links, enabling a local authenticated attacker to read arbitrary on-disk files. Affected versions include Ivanti Connect Secure before 22.7...
libxml2: Out-of-Bounds Read in libxml2
A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can...
libxml2: Out-of-Bounds Read in libxml2
A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can...
CVE-2025-40584
A vulnerability has been identified in SIMOTION SCOUT TIA V5.4 All versions, SIMOTION SCOUT TIA V5.5 All versions, SIMOTION SCOUT TIA V5.6 All versions V5.6 SP1 HF7, SIMOTION SCOUT TIA V5.7 All versions V5.7 SP1 HF1, SIMOTION SCOUT V5.4 All versions, SIMOTION SCOUT V5.5 All versions, SIMOTION SCO...
CVE-2025-6253
The UiCore Elements – Free Elementor widgets and templates plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.3.0 via the preparetemplate function due to a missing capability check and insufficient controls on the filename specified. This makes it...
CVE-2025-8081
The Elementor plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.30.2 via the ImportImages::import function due to insufficient controls on the filename specified. This makes it possible for authenticated attackers, with administrator-level access an...
CVE-2025-6253
The CVE-2025-6253 entry concerns the WordPress plugin UiCore Elements (Free Elementor widgets/templates) with versions up to and including 1.3.0. The vulnerability is an Arbitrary File Read caused by a missing capability check and insufficient controls on the filename in the prepare_template() fu...
CVE-2025-8081 Elementor <= 3.30.2 - Authenticated (Administrator+) Arbitrary File Read via Image Import
The Elementor plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.30.2 via the ImportImages::import function due to insufficient controls on the filename specified. This makes it possible for authenticated attackers, with administrator-level access an...
CVE-2025-6253 UiCore Elements <= 1.3.0 - Missing Authorization to Unauthenticated Arbitrary File Read
The UiCore Elements – Free Elementor widgets and templates plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.3.0 via the preparetemplate function due to a missing capability check and insufficient controls on the filename specified. This makes it...
CVE-2025-6253 UiCore Elements <= 1.3.0 - Missing Authorization to Unauthenticated Arbitrary File Read
The UiCore Elements – Free Elementor widgets and templates plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.3.0 via the preparetemplate function due to a missing capability check and insufficient controls on the filename specified. This makes it...
CVE-2025-8081
Summary (CVE-2025-8081) The Elementor WordPress plugin (versions ≤ 3.30.2) is vulnerable to an arbitrary file read via the Import_Images::import() path traversal due to insufficient validation of the uploaded file reference (tmp_name). The underlying issue allowed authenticated administrators to ...
📄 Ghost CMS 5.59.1 Arbitrary File Read
Ghost CMS version 5.59.1 proof of concept arbitrary file read exploit. !/usr/bin/env python3 -- coding: utf-8 -- """ Exploit Title: Ghost CMS 5.59.1 - Arbitrary File Read Date: 2023-09-20 Exploit Author: ibrahimsql https://github.com/ibrahmsql Vendor Homepage: https://ghost.org Software Link:...