25 matches found

Positive Technologies
added 2026/06/03 12:00 a.m. · 10 views

PT-2026-45918

The ugw-delete-file method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

CVSS 8.1 · AI score 6 · EPSS 0.0037
Exploits 0 · References 2
RedHat Linux
added 2026/04/14 2:45 p.m. · 3 views

org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method

A flaw was found in plexus-utils. This vulnerability, known as a Directory Traversal, exists within the extractFile method. An attacker can exploit this to execute unauthorized code on the system in the context of the current working user...

CVSS 8.8 · AI score 5.9 · EPSS 0.00664
Exploits 0 · References 9
CVE
added 2026/04/14 1:12 p.m. · 7 views

CVE-2025-7389

CVE-2025-7389 describes a vulnerability in the OpenEdge AdminServer component where authenticated users could gain OS-level access and read arbitrary host files via misused methods exposed through the RMI interface, specifically the prototypes like setFile() and openFile() . The issue hinges on t...

CVSS 8.2 · AI score 5.9 · EPSS 0.00326
Exploits 0 · References 1
CNNVD
added 2026/03/09 12:00 a.m. · 3 views

Multiple MBS products: security vulnerability

MBS UBR-01 Mk II, etc., are products of the German MBS company. MBS UBR-01 Mk II is a remote base station device. MBS UBR-02 is also a remote base station device. MBS UBR-LON is a communication interface device for industrial automation systems. Several MBS products have security vulnerabilities;...

CVSS 6.5 · AI score 6 · EPSS 0.00334
Exploits 0 · References 2
NVD
added 2026/03/02 7:16 p.m. · 3 views

CVE-2025-48636

In openFile of BugreportContentProvider.java, there is a possible way to read and write unauthorized files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 8.4 · EPSS 0.00086
Exploits 0 · References 1
NVD
added 2026/02/19 4:27 p.m. · 6 views

CVE-2026-25739

Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. Versions prior to 3.3.10 are vulnerable to cross-site scripting when uploading certain file types as materials. Users should upgrade to version 3.3.10 to receive a patch. To apply the...

CVSS 5.4 · EPSS 0.00161
Exploits 0 · References 2
NVD
added 2026/02/18 8:18 p.m. · 5 views

CVE-2026-23491

InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A path traversal vulnerability exists in the getfile method of the Guest module's Get controller in InvoicePlane up to and including through 1.6.3. The vulnerability allows unauthenticated attacker...

CVSS 9.3 · EPSS 0.0105
Exploits 2 · References 2
CVE
added 2026/02/18 7:52 p.m. · 11 views

CVE-2026-23491

InvoicePlane up to version 1.6.3 is affected by a path traversal vulnerability in the Guest.Get controller’s get_file method, allowing unauthenticated attackers to read arbitrary server files (including configuration with database credentials). Root cause: improper input handling of the filename ...

CVSS 9.3 · AI score 5.6 · EPSS 0.0105
Exploits 2 · References 2 · Affected Software 1
Positive Technologies
added 2026/02/18 12:00 a.m. · 3 views

PT-2026-20490

Name of the Vulnerable Software and Affected Versions InvoicePlane versions through 1.6.3 Description InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A path traversal issue exists in the get file method of the Guest module's Get controller. This...

CVSS 9.3 · AI score 5.7 · EPSS 0.0105
Exploits 2 · References 3
NVD
added 2025/12/12 5:15 p.m. · 6 views

CVE-2025-67819

An issue was discovered in Weaviate OSS before 1.33.4. Due to a lack of validation of the fileName field in the transfer logic, an attacker who can call the GetFile method while a shard is in the "Pause file activity" state and the FileReplicationService is reachable can read arbitrary files...

CVSS 4.9 · EPSS 0.00373
Exploits 0 · References 2
Cvelist
added 2025/12/12 12:00 a.m. · 24 views

CVE-2025-67819

An issue was discovered in Weaviate OSS before 1.33.4. Due to a lack of validation of the fileName field in the transfer logic, an attacker who can call the GetFile method while a shard is in the "Pause file activity" state and the FileReplicationService is reachable can read arbitrary files...

EPSS 0.00373
Exploits 0 · References 2
EUVD
added 2025/10/03 8:07 p.m. · 6 views

EUVD-2024-54327

Malicious code in bioql PyPI...

CVSS 9.8 · AI score 6.6 · EPSS 0.00588
Exploits 0 · References 3
Veracode
added 2025/06/18 10:09 a.m. · 3 views

Directory Traversal

Salt is vulnerable to Directory Traversal. The vulnerability is due to improper input validation due to the recvfile method allowing arbitrary files to be written to the master cache directory through crafted path input...

CVSS 9.6 · AI score 7.1 · EPSS 0.00959
Exploits 0 · References 5 · Affected Software 1
OSV
added 2025/06/13 8:15 a.m. · 3 views

UBUNTU-CVE-2024-38824

Directory traversal vulnerability in recvfile method allows arbitrary files to be written to the master cache directory...

CVSS 9.6 · AI score 5.9 · EPSS 0.00959
Exploits 0 · References 4
CVE
added 2025/06/13 7:10 a.m. · 145 views

CVE-2024-38824

CVE-2024-38824 is a directory traversal vulnerability in the recv_file method that allows writing arbitrary files into the Salt master cache directory. Public references in multiple advisories (SUSE openSUSE/SUSE-SU-2025-02501/-02492/-02476, SUSE-2025-02492, -02500, -02502) confirm the flaw affec...

CVSS 9.6 · AI score 9.3 · EPSS 0.00959
Exploits 0 · References 2 · Affected Software 1
OSV
added 2025/03/20 10:15 a.m. · 1 view

CVE-2024-8501

An arbitrary file download vulnerability exists in the rpcagentclient component of modelscope/agentscope version v0.0.4. This vulnerability allows any user to download any file from the rpcagent's host by exploiting the downloadfile method. This can lead to unauthorized access to sensitive...

CVSS 8.8 · AI score 5.9
Exploits 0 · References 1
Positive Technologies
added 2024/09/23 12:00 a.m. · 4 views

PT-2024-40048 · Unknown · Camaleon Cms

Name of the Vulnerable Software and Affected Versions: Camaleon CMS affected versions not specified Description: The issue concerns a path traversal vulnerability in the MediaController class. An attacker who has taken over an administrator account could delete arbitrary files or folders on the...

AI score 7.3
Exploits 0 · References 4
OSV
added 2023/12/01 6:15 a.m. · 3 views

CVE-2023-45253

An issue was discovered in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, allows attackers to manipulate files and escalate privileges via RollingFileAppender.DeleteFile method performed by the log4net library...

CVSS 7.8 · AI score 5.8 · EPSS 0.00316
Exploits 2 · References 1
CNNVD
added 2022/11/02 12:00 a.m. · 2 views

Bento4 security vulnerability

Bento4 is an open source C++ library for reading and writing MP4 files. A security vulnerability exists in Bento4 that originates in the AP4File::AP4File method in the Mp42Hevc.cpp file of the mp42hevc component that can lead to a denial of service...

CVSS 6.5 · AI score 6.4 · EPSS 0.00798
Exploits 1 · References 4
RedHat Linux
added 2020/02/25 12:14 p.m. · 3 views

curl: FTP path trickery leads to NIL byte out of bounds write

It was found that libcurl did not safely parse FTP URLs when using the CURLOPT_FTP_FILEMETHOD method. An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an arbitrary location, resulting in a crash or an unspecified behavior...

CVSS 9.8 · AI score 7.4 · EPSS 0.12058
Exploits 0 · References 5