11287 matches found
CVE-2025-45529
An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor...
Arbitrary File Read Vulnerability in SSL VPN of Beijing NetGuard Nebula Information Technology Co.
Beijing Netnifty Information Technology Co., Ltd. is a leading enterprise in the domestic information security industry, specializing in the research, development, production and sales of information security products. Beijing NetGuard Nebula Information Technology Co. Ltd NetGuard Nebula-SSL-VPN...
RHEL 8 : yelp and yelp-xsl (RHSA-2025:7569)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7569 advisory. Yelp is the help browser for the GNOME desktop. It is designed to help you browse all the documentation on your system in one central tool, including...
RHEL 9 : yelp (RHSA-2025:7430)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7430 advisory. Yelp is the help browser for the GNOME desktop. It is designed to help you browse all the documentation on your system in one central tool, including...
Exploit for Use of a Broken or Risky Cryptographic Algorithm in File_Away_Project File_Away
POC - CVE-2025-2539 File Away = 3.9.9.0.1 - Missing Author...
CVE-2025-4602
The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Reads in all versions up to, and including, 1.2.5 via the getfile function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contai...
📄 Java-springboot-codebase 1.1 Arbitrary File Read
Java-sprintboot-codebase version 1.1 suffers from an arbitrary file read vulnerability. Exploit Title: Java-springboot-codebase 1.1 - Arbitrary File Read Google Dork: Date: 23/May/2025 Exploit Author: d3sca Vendor Homepage: https://github.com/OsamaTaher/Java-springboot-codebase Software Link:...
Fedora: Security Advisory (FEDORA-2025-72469000ed)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Java-springboot-codebase 1.1 - Arbitrary File Read
Exploit Title: Java-springboot-codebase 1.1 - Arbitrary File Read Google Dork: Date: 23/May/2025 Exploit Author: d3sca Vendor Homepage: https://github.com/OsamaTaher/Java-springboot-codebase Software Link: https://github.com/OsamaTaher/Java-springboot-codebase Version: app version 1.1 Tested on:...
CVE-2025-4602
The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Reads in all versions up to, and including, 1.2.5 via the getfile function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contai...
CVE-2025-4602
The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Reads in all versions up to, and including, 1.2.5 via the getfile function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contai...
CVE-2025-4602 eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Read
The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Reads in all versions up to, and including, 1.2.5 via the getfile function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contai...
CVE-2025-4602 eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Read
The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Reads in all versions up to, and including, 1.2.5 via the getfile function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contai...
CVE-2025-4602
CVE-2025-4602 affects eMagicOne Store Manager for WooCommerce (WordPress) versions 1.2.5 and earlier. The issue is an Arbitrary File Read via the get_file() functionality in the EMO connector, which can be invoked by unauthenticated users in default or credential-compromised configurations. The u...
CVE-2024-54188
Infoblox NETMRI before 7.6.1 has a vulnerability allowing remote authenticated users to read arbitrary files with root access...
WordPress plugin eMagicOne Store Manager for WooCommerce 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-22836 · WordPress · Emagicone Store Manager For Woocommerce
Name of the Vulnerable Software and Affected Versions: eMagicOne Store Manager for WooCommerce plugin for WordPress versions 1.2.5 and earlier Description: The issue allows unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information, vi...
CVE-2025-46527 WordPress Web3Press – Decentralize Publishing with Writing NFT plugin <= 3.2.0 - Arbitrary File Read vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in LikeCoin Web3Press allows Path Traversal. This issue affects Web3Press: from n/a through 3.2.0...
CVE-2025-46527 WordPress Web3Press – Decentralize Publishing with Writing NFT plugin <= 3.2.0 - Arbitrary File Read vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in LikeCoin Web3Press likecoin allows Path Traversal.This issue affects Web3Press: from n/a through = 3.2.0...
CVE-2024-9507
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 2.15.2 due to improper input validation within the iconUpload function. This...