3 matches found
CVE-2026-50877
CVE-2026-50877 affects Zhoros SuperBin v1.0.0. An attacker can trigger a directory traversal by supplying files whose names include traversal characters, potentially impacting file handling on the affected system. The vulnerability is reported with network attack vector, low complexity, no privil...
CVE-2018-25326
CVE-2018-25326 affects Google Drive for WordPress 2.2 and involves a path traversal vulnerability in gdrive-ajaxs.php. An unauthenticated attacker can exploit a crafted POST request by setting ajaxstype to del_fl_bkp and including directory traversal sequences in the file_name parameter (e.g., .....
CVE-2021-4463
CVE-2021-4463 affects Longjing Technology BEMS API versions up to 1.21. The vulnerability exists in the downloads endpoint where the fileName parameter is not properly sanitized, enabling an attacker to perform path traversal and download arbitrary files outside the intended directory without aut...