CVE-2026-1196

A security vulnerability has been detected in MineAdmin 1.x/2.x. Affected is an unknown function of the file /system/getFileInfoById. Such manipulation of the argument ID leads to information disclosure. It is possible to launch the attack remotely. The attack requires a high level of complexity...

CVE-2025-59203

CVE-2025-59203 affects the Windows StateRepository API. The issue is described as an insertion of sensitive information into a log file, enabling local disclosure by an authenticated attacker with local access. The CVSS v3.1 base score is 5.5 (Medium) with Local attack vector and Low attack compl...

CVE-2025-59203 Windows State Repository API Server File Information Disclosure Vulnerability

...

EUVD-2022-46900

Malicious code in bioql PyPI...

CVE-2025-11079

The CVE-2025-11079 entry concerns Campcodes Farm Management System version 1.0. Affected component is some unknown functionality that allows file and directory information disclosure. The vulnerability may be exploited remotely and, per sources, the exploit has been released publicly. The exact r...

CVE-2024-1098 Rebuild proxy-download QiniuCloud.getStorageFile information disclosure

A vulnerability was found in Rebuild up to 3.5.5 and classified as problematic. This issue affects the function QiniuCloud.getStorageFile of the file /filex/proxy-download. The manipulation of the argument url leads to information disclosure. The exploit has been disclosed to the public and may b...

CVE-2024-0191 RRJ Nueva Ecija Engineer Online Portal file information disclosure

A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/uploads/. The manipulation leads to file and directory information exposure. It is possible to launch the attack remotely. The exploit...

CVE-2021-40402

An out-of-bounds read vulnerability exists in the RS-274X aperture macro multiple outline primitives functionality of Gerbv 2.7.0 and dev commit b5f1eacd, and Gerbv forked 2.7.1 and 2.8.0. A specially-crafted Gerber file can lead to information disclosure. An attacker can provide a malicious file...

CVE-2020-16121

CVE-2020-16121 affects PackageKit in multiple Linux distros. The flaw allows a local, unprivileged user to learn the MIME type and presence of files via DBus interfaces (InstallFiles, GetFilesLocal, GetDetailsLocal). Several advisories and Nessus/NVD references show this as an information-disclos...

CVE-2020-0859

An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'...

Windows Media Player Information Disclosure Vulnerability

An information disclosure vulnerability exists when Windows Media Player improperly discloses file information. Successful exploitation of the vulnerability could allow an attacker to determine the presence of files on disk. To exploit the vulnerability, a user would have to open a specially...

CVE-2017-11768

Windows Media Player in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows remote attackers to test for the presence of files on disk via a...

Kajona Directory Traversal Vulnerability

Kajona is an open source CMS written in PHP. A directory traversal vulnerability exists in Kajona version 4.7. An attacker can exploit this vulnerability to obtain information about files present on the system...

Wesnoth File Information Disclosure Vulnerability

The Battle For Wesnoth is an open source, cross-platform, free-to-play turn-based strategy game. A file information disclosure vulnerability exists in Wesnoth. This vulnerability can be exploited by attackers to obtain sensitive information...

Cisco Prime Data Center Network Manager File Information Disclosure Vulnerability

Cisco Prime Data Center Network Manager DCNM contains a file information disclosure vulnerability that could allow an unauthenticated, remote attacker to retrieve arbitrary files from the underlying operating system. Cisco has released software updates that address this vulnerability. Workarounds...

Attachmax多个输入验证漏洞

BUGTRAQ ID: 31207 Attachmax是用于在网站提供视频内容的脚本。 Attachmax脚本中存在多个输入验证错误，允许恶意用户泄露敏感信息或执行文件包含攻击。 1. 远程文件包含 config.php页面没有正确的验证对relpath参数的输入便用于包含文件，这可能导致包含本地或外部资源的任意文件。成功利用这个漏洞要求打开了registerglobals选项。 2. 文件信息泄露 主文件夹中的info.php文件没有受到保护，攻击者可以从浏览器中直接看到这个文件，窃取服务器的敏感信息。 3. SQL盲注...