2212 matches found
PT-2026-40135
Name of the Vulnerable Software and Affected Versions Azure Monitor Agent versions prior to May 2026 Description External control of a file name or path allows an authorized attacker to elevate privileges locally. Recommendations Update to the May 2026 patch...
PT-2026-40040
Name of the Vulnerable Software and Affected Versions Ivanti Xtraction versions prior to 2026.2 Description External control of a file name allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory. This can lead to information disclosure and...
Siemens多款产品 跨站脚本漏洞
The Siemens SIMATIC Drive Controller is a series of drive controllers developed by the German company Siemens. Several Siemens products have a cross-site scripting vulnerability. This vulnerability arises from improper validation and cleaning of file names on the firmware update page. It may allo...
PT-2026-39936
The automatic folder creation feature of Lhaz and Lhaz+ provided by Chitora soft contains a path traversal vulnerability. When the affected product is configured with the automatic folder creation feature enabled, and a product user tries to extract an archive file which has a crafted file name,...
PT-2026-40231
External control of file name or path in Microsoft Office Word allows an unauthorized attacker to disclose information over a network...
PT-2026-40205
Name of the Vulnerable Software and Affected Versions SQL Server affected versions not specified Description External control of a file name or path allows an authorized attacker to execute arbitrary code over a network, which can affect the system. Recommendations At the moment, there is no...
PT-2026-40233
External control of file name or path in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
External control of file name or path in Microsoft Edge Chromium-based allows an unauthorized attacker to disclose information over a network...
PT-2026-40243
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description External control of a file name or path allows an unauthorized attacker to disclose sensitive information over a network. Recommendations At the moment, there is no...
CVE-2026-8215 Industrial Application Software IAS Canias ERP RMI iasRequestFileEvent path traversal
A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This vulnerability affects the function iasRequestFileEvent of the component RMI Interface. This manipulation of the argument mstrSourceFileName causes path traversal. The attack can be initiated remotely. The...
CVE-2026-44656
Summary: Vim before 9.2.0435 is affected by an OS command injection in the :find path-completion. If the path option contains backtick-enclosed shell commands, those commands execute during file-name completion. The issue arises because the path option lacks the P_SECURE flag and can be set from ...
CVE-2026-29201
Insufficient input validation of the feature file name in feature::LOADFEATUREFILE adminbin call can cause arbitrary file read when a relative file path is passed...
CVE-2026-29201
Insufficient input validation in the feature::LOADFEATUREFILE AdminBin call in cPanel/WHM can lead to arbitrary file read when a relative file path is supplied. Affected product/version scope includes cPanel/WHM prior to versions listed as fixed in PT-2026-38673 (and WP Squared) such as 11.136.0....
CVE-2026-29201
Insufficient input validation of the feature file name in feature::LOADFEATUREFILE adminbin call can cause arbitrary file read when a relative file path is passed...
CVE-2026-29201
Insufficient input validation of the feature file name in feature::LOADFEATUREFILE adminbin call can cause arbitrary file read when a relative file path is passed...
EUVD-2026-28549
Account users are allowed by default to register templates to be downloaded directly to the primary storage for deploying instances using the KVM hypervisor. Due to missing file name sanitization, an attacker can register malicious templates to execute arbitrary code on the KVM hosts. This can...
CVE-2026-41201 CI4MS: Backup Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM Blind XSS Version 2
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. In version 0.31.4.0, an attacker can achieve Full Account Takeover & Privilege Escalation via Stored DOM XSS in backup module filename field manipulated vi...
External Control of File Name or Path
Overview Affected versions of this package are vulnerable to External Control of File Name or Path via the stampExpression and watermarkExpression parameters in the merge, split, and convert routes. An attacker can access the contents of arbitrary PDF files on the server by supplying a path to a...
PT-2026-38393
Name of the Vulnerable Software and Affected Versions vm2 versions prior to 3.11.0 Description The CallSite wrapper class, designed as a safe wrapper for V8's native CallSite, fails to sanitize the output of the getFileName function. While the class blocks getThis and getFunction to prevent host...
Wish 路径遍历漏洞
Wish is a server tool developed by Charm for simplifying SSH application development. Versions of Wish prior to 2.0.0 and 2.0.1 contained a path traversal vulnerability. This vulnerability stemmed from the SCP middleware not properly verifying file names, which could lead to path traversal attack...