Lucene search

11287 matches found

RedhatCVE
added 2025/05/23 7:38 a.m. | 8 views

CVE-2024-44720

SeaCMS v13.1 was discovered to contain an arbitrary file read vulnerability via the component adminsafe.php...

CVSS 7.5 | AI score 7.3 | EPSS 0.00675
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 7:30 a.m. | 8 views

CVE-2024-48224

Funadmin v5.0.2 has an arbitrary file read vulnerability in /curd/index/editfile...

CVSS 7.5 | AI score 5.2 | EPSS 0.00644
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 7:28 a.m. | 7 views

CVE-2024-39210

Best House Rental Management System v1.0 was discovered to contain an arbitrary file read vulnerability via the Page parameter at index.php. This vulnerability allows attackers to read arbitrary PHP files and access other sensitive information within the application...

CVSS 7.5 | AI score 7.1 | EPSS 0.00841
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 6:51 a.m. | 8 views

CVE-2024-45709

SolarWinds Web Help Desk was susceptible to a local file read vulnerability. This vulnerability requires the software be installed on Linux and configured to use non-default development/test mode, making exposure to the vulnerability very limited...

CVSS 5.5 | AI score 5.3 | EPSS 0.00489
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 6:42 a.m. | 5 views

CVE-2024-40051

IP Guard v4.81.0307.0 was discovered to contain an arbitrary file read vulnerability via the file name parameter...

CVSS 7.5 | AI score 7.5 | EPSS 0.00662
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 6:42 a.m. | 7 views

CVE-2024-52726

CRMEB v5.4.0 is vulnerable to arbitrary file read in the savebasics function, which allows an attacker to obtain sensitive information...

CVSS 7.5 | AI score 6.5 | EPSS 0.01631
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 6:42 a.m. | 9 views

CVE-2024-29073

A vulnerability in the handling of LaTeX exists in Ankitects Anki 24.04. When LaTeX is sanitized to prevent unsafe commands, the verbatim package, which comes installed by default in many LaTeX distributions, has been overlooked. A specially crafted flashcard can lead to an arbitrary file read. ...

CVSS 6.5 | AI score 6.7 | EPSS 0.11512
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 6:24 a.m. | 5 views

CVE-2024-33383

Arbitrary File Read vulnerability in novel-plus 4.3.0 and before allows a remote attacker to obtain sensitive information via a crafted GET request using the filePath parameter...

CVSS 7.5 | AI score 6.4 | EPSS 0.0067
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 6:5 a.m. | 4 views

CVE-2023-30945

Multiple Services such as VHS (Video History Server) and VCD (Video Clip Distributor) and Clips2 were discovered to be vulnerable to an unauthenticated arbitrary file read/write vulnerability due to missing input validation on filenames. A malicious attacker could read sensitive files from the filesyst...

CVSS 9.8 | AI score 7.2 | EPSS 0.00726
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 5:30 a.m. | 6 views

CVE-2023-41968

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to read arbitrary files...

CVSS 5.5 | AI score 5.7 | EPSS 0.00371
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 5:17 a.m. | 3 views

CVE-2023-30804

The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authenticated file disclosure vulnerability. A remote and authenticated attacker can read arbitrary system files using the svpnhtml/loadfile.php endpoint. This issue is exploitable by a remote and unauthenticated...

CVSS 9.8 | AI score 7.1 | EPSS 0.18206
Exploits: 2 | References: 1

RedhatCVE
added 2025/05/23 5:17 a.m. | 4 views

CVE-2023-30451

In TYPO3 11.5.24, the filelist component allows attackers who have access to the administrator panel to read arbitrary files via directory traversal in the baseuri field, as demonstrated by POST /typo3/record/edit with ../../../ in datasysfilestoragedatasDEFlDEFbasePathvDEF...

CVSS 4.9 | AI score 6.9 | EPSS 0.01161
Exploits: 3 | References: 1

RedhatCVE
added 2025/05/23 5:16 a.m. | 7 views

CVE-2023-47171

An information disclosure vulnerability exists in the aVideoEncoder.json.php chunkFile path functionality of WWBN AVideo 11.6 and dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read...

CVSS 6.5 | AI score 6.6 | EPSS 0.01072
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 5:5 a.m. | 8 views

CVE-2023-49862

An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read. This vulnerability is triggered by the downloadURLgifimage parameter...

CVSS 6.5 | AI score 6.6 | EPSS 0.01072
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 5:0 a.m. | 8 views

CVE-2023-51062

An unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions RELEASE3-0 Build 7 Patch 0 allows attackers to disclose the SMB Log contents via executing a crafted command...

CVSS 5.3 | AI score 6.8 | EPSS 0.00502
Exploits: 1

RedhatCVE
added 2025/05/23 4:59 a.m. | 7 views

CVE-2023-51926

YonBIP v323.05 was discovered to contain an arbitrary file read vulnerability via the nc.bs.framework.comn.serv.CommonServletDispatcher component...

CVSS 7.5 | AI score 7.5 | EPSS 0.00598
Exploits: 0

RedhatCVE
added 2025/05/23 4:54 a.m. | 12 views

CVE-2023-24487

Arbitrary file read in Citrix ADC and Citrix Gateway...

CVSS 7.5 | AI score 6.8 | EPSS 0.01073
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 4:39 a.m. | 3 views

CVE-2023-26043

GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. GeoNode is vulnerable to an XML External Entity (XXE) injection in the style upload functionality of GeoServer leading to Arbitrary File Read. This issue has been patched in version...

CVSS 6.5 | AI score 7 | EPSS 0.00836
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 4:38 a.m. | 8 views

CVE-2023-26580

Unauthenticated arbitrary file read in the IDAttend’s IDWeb application 3.1.013 allows the retrieval of any file present on the web server by unauthenticated attackers...

CVSS 7.5 | AI score 7.1 | EPSS 0.00662
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 4:34 a.m. | 6 views

CVE-2023-48848

An arbitrary file read vulnerability in ureport v2.2.9 allows a remote attacker to arbitrarily read files on the server by inserting a crafted path...

CVSS 7.5 | AI score 6.8 | EPSS 0.00948
Exploits: 0