9 matches found
CVE-2026-7252
The WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the unscheduledoriginalfiledeletion function in all versions up to, and including, 4.5.2 Th...
CVE-2026-25605
A vulnerability has been identified in SICAM SIAPP SDK All versions V2.1.7. The affected application performs file deletion without properly validating the file path or target. An attacker could delete files or sockets that the affected process has permission to remove, potentially resulting in...
PT-2026-1414
Name of the Vulnerable Software and Affected Versions BuddyPress Xprofile Custom Field Types plugin versions through 1.2.8 Description The BuddyPress Xprofile Custom Field Types plugin for WordPress has a flaw that allows authenticated attackers with Subscriber-level access or higher to delete...
EUVD-2021-20402
Malware in sbrugna...
CVE-2019-15493
openITCOCKPIT before 3.7.1 allows deletion of files, aka RVID 4-445b21...
Avira Prime 安全漏洞
Avira Prime is a security software from the German company Avira. A security vulnerability exists in Avira Prime version 1.1.96.2, which stems from an arbitrary file deletion issue in Avira.Spotlight.Service.exe, which could lead to elevated privileges...
The vulnerability in the databasefiledelete.php script of the ASPECT Enterprise, NEXUS Series, MATRIX Series embedded network controller software web server allows a perpetrator to gain unauthorized access to the device and delete arbitrary files.
The vulnerability of the databasefiledelete.php web script of the ASPECT Enterprise, NEXUS Series, MATRIX Series embedded network controller software lies in the use of files and directories accessible from external parties. Exploiting this vulnerability could allow an attacker to gain unauthoriz...
Wwbn Avideo Security Breach
Wwbn Avideo is a video platform builder written in PHP by the Wwbn team. A security vulnerability exists in versions of Avideo prior to 8.9, which stems from the import.json.php file having a file deletion vulnerability. This allows for the deletion of configuration.php, which causes certain...
Popular WooCommerce WordPress Plugin Patches Critical Vulnerability
If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new vulnerability that could compromise your online store. Simon Scannell, a researcher at RIPS Technologies GmbH, discovered an arbitrary file deletion vulnerability in the popular WooCommerce...