Lucene search
K

11287 matches found

Vulnrichment
Vulnrichment
added 2025/05/27 12:0 a.m.5 views

CVE-2025-45529

An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor...

6.8AI score0.00305EPSS
Exploits1References2
CNVD
CNVD
added 2025/05/27 12:0 a.m.1 views

Arbitrary File Read Vulnerability in SSL VPN of Beijing NetGuard Nebula Information Technology Co.

Beijing Netnifty Information Technology Co., Ltd. is a leading enterprise in the domestic information security industry, specializing in the research, development, production and sales of information security products. Beijing NetGuard Nebula Information Technology Co. Ltd NetGuard Nebula-SSL-VPN...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.16 views

RHEL 8 : yelp and yelp-xsl (RHSA-2025:7569)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7569 advisory. Yelp is the help browser for the GNOME desktop. It is designed to help you browse all the documentation on your system in one central tool, including...

7.4CVSS7.3AI score0.10598EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.6 views

RHEL 9 : yelp (RHSA-2025:7430)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7430 advisory. Yelp is the help browser for the GNOME desktop. It is designed to help you browse all the documentation on your system in one central tool, including...

7.4CVSS7.3AI score0.10598EPSS
Exploits1References4
GithubExploit
GithubExploit
added 2025/05/26 12:6 p.m.298 views

Exploit for Use of a Broken or Risky Cryptographic Algorithm in File_Away_Project File_Away

POC - CVE-2025-2539 File Away = 3.9.9.0.1 - Missing Author...

7.5CVSS9.2AI score0.0155EPSS
Exploits6
RedhatCVE
RedhatCVE
added 2025/05/26 4:7 a.m.21 views

CVE-2025-4602

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Reads in all versions up to, and including, 1.2.5 via the getfile function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contai...

7.5CVSS7AI score0.00558EPSS
Exploits2References1
Packet Storm
Packet Storm
added 2025/05/26 12:0 a.m.97 views

📄 Java-springboot-codebase 1.1 Arbitrary File Read

Java-sprintboot-codebase version 1.1 suffers from an arbitrary file read vulnerability. Exploit Title: Java-springboot-codebase 1.1 - Arbitrary File Read Google Dork: Date: 23/May/2025 Exploit Author: d3sca Vendor Homepage: https://github.com/OsamaTaher/Java-springboot-codebase Software Link:...

8.7CVSS7.1AI score0.03847EPSS
Exploits13
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.8 views

Fedora: Security Advisory (FEDORA-2025-72469000ed)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS7.5AI score0.10598EPSS
Exploits1References3
Exploit DB
Exploit DB
added 2025/05/25 12:0 a.m.319 views

Java-springboot-codebase 1.1 - Arbitrary File Read

Exploit Title: Java-springboot-codebase 1.1 - Arbitrary File Read Google Dork: Date: 23/May/2025 Exploit Author: d3sca Vendor Homepage: https://github.com/OsamaTaher/Java-springboot-codebase Software Link: https://github.com/OsamaTaher/Java-springboot-codebase Version: app version 1.1 Tested on:...

8.7CVSS7AI score0.03847EPSS
Exploits13
OSV
OSV
added 2025/05/24 4:15 a.m.2 views

CVE-2025-4602

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Reads in all versions up to, and including, 1.2.5 via the getfile function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contai...

7.5CVSS5.9AI score0.00558EPSS
Exploits2References6
NVD
NVD
added 2025/05/24 4:15 a.m.17 views

CVE-2025-4602

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Reads in all versions up to, and including, 1.2.5 via the getfile function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contai...

7.5CVSS0.00558EPSS
Exploits2References7
Cvelist
Cvelist
added 2025/05/24 3:37 a.m.21 views

CVE-2025-4602 eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Read

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Reads in all versions up to, and including, 1.2.5 via the getfile function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contai...

5.9CVSS0.00558EPSS
Exploits2References7
Vulnrichment
Vulnrichment
added 2025/05/24 3:37 a.m.24 views

CVE-2025-4602 eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Read

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Reads in all versions up to, and including, 1.2.5 via the getfile function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contai...

5.9CVSS7AI score0.00558EPSS
Exploits2References6
CVE
CVE
added 2025/05/24 3:37 a.m.71 views

CVE-2025-4602

CVE-2025-4602 affects eMagicOne Store Manager for WooCommerce (WordPress) versions 1.2.5 and earlier. The issue is an Arbitrary File Read via the get_file() functionality in the EMO connector, which can be invoked by unauthenticated users in default or credential-compromised configurations. The u...

7.5CVSS5.8AI score0.00558EPSS
Exploits2References7Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/24 12:17 a.m.13 views

CVE-2024-54188

Infoblox NETMRI before 7.6.1 has a vulnerability allowing remote authenticated users to read arbitrary files with root access...

5.3CVSS6.7AI score0.06044EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/24 12:0 a.m.7 views

WordPress plugin eMagicOne Store Manager for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.5CVSS5.9AI score0.00558EPSS
Exploits2References7
Positive Technologies
Positive Technologies
added 2025/05/24 12:0 a.m.6 views

PT-2025-22836 · WordPress · Emagicone Store Manager For Woocommerce

Name of the Vulnerable Software and Affected Versions: eMagicOne Store Manager for WooCommerce plugin for WordPress versions 1.2.5 and earlier Description: The issue allows unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information, vi...

7.5CVSS5.9AI score0.00558EPSS
Exploits2References10
Vulnrichment
Vulnrichment
added 2025/05/23 12:43 p.m.7 views

CVE-2025-46527 WordPress Web3Press – Decentralize Publishing with Writing NFT plugin <= 3.2.0 - Arbitrary File Read vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in LikeCoin Web3Press allows Path Traversal. This issue affects Web3Press: from n/a through 3.2.0...

6.5CVSS7.1AI score0.00416EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/23 12:43 p.m.12 views

CVE-2025-46527 WordPress Web3Press – Decentralize Publishing with Writing NFT plugin <= 3.2.0 - Arbitrary File Read vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in LikeCoin Web3Press likecoin allows Path Traversal.This issue affects Web3Press: from n/a through = 3.2.0...

6.5CVSS0.00416EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:43 a.m.5 views

CVE-2024-9507

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 2.15.2 due to improper input validation within the iconUpload function. This...

4.9CVSS6.5AI score0.00519EPSS
Exploits0References1
Rows per page
Query Builder