
825 matches found

Veracode
added 2026/03/23 6:27 a.m., 7 views

Path Traversal

croogo/croogo is vulnerable to path traversal. The vulnerability is due to improper validation of the edit-file parameter, which allows an attacker to craft malicious file paths and read arbitrary files on the server...

6.5 CVSS, 5.9 AI score, 0.00597 EPSS
Exploits: 2, References: 3, Affected Software: 1
EUVD
added 2026/03/23 3:31 a.m., 2 views

EUVD-2026-14349

A vulnerability has been found in Tenda A15 15.13.07.13. The impacted element is the function UploadCfg of the file /cgi-bin/UploadCfg. The manipulation of the argument File leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public an...

10 CVSS, 6.5 AI score, 0.03688 EPSS
Exploits: 1, References: 7
NVD
added 2026/03/23 3:16 a.m., 2 views

CVE-2026-4567

A vulnerability has been found in Tenda A15 15.13.07.13. The impacted element is the function UploadCfg of the file /cgi-bin/UploadCfg. The manipulation of the argument File leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public an...

10 CVSS, 0.03688 EPSS
Exploits: 1, References: 6
ATTACKERKB
added 2026/03/23 1:30 a.m., 3 views

CVE-2026-4567

A vulnerability has been found in Tenda A15 15.13.07.13. The impacted element is the function UploadCfg of the file /cgi-bin/UploadCfg. The manipulation of the argument File leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public an...

10 CVSS, 6.5 AI score, 0.03688 EPSS
Exploits: 1, References: 6, Affected Software: 1
Vulnrichment
added 2026/03/23 1:30 a.m., 2 views

CVE-2026-4567 Tenda A15 UploadCfg stack-based overflow

A vulnerability has been found in Tenda A15 15.13.07.13. The impacted element is the function UploadCfg of the file /cgi-bin/UploadCfg. The manipulation of the argument File leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public an...

10 CVSS, 6.5 AI score, 0.03688 EPSS
Exploits: 1, References: 6
CVE
added 2026/03/23 1:30 a.m., 13 views

CVE-2026-4567

CVE-2026-4567 affects Tenda A15 firmware 15.13.07.13. The vulnerability is a stack-based buffer overflow in the UploadCfg function (/cgi-bin/UploadCfg) triggered by manipulating the File argument, allowing remote exploitation. Public exploit information exists. Red Hat/EUVD/NVD references corrobo...

10 CVSS, 8 AI score, 0.03688 EPSS
Exploits: 1, References: 6, Affected Software: 1
CNNVD
added 2026/03/23 12:0 a.m., 4 views

Tenda A15 Security Vulnerability

The Tenda A15 is a WiFi extender produced by the Chinese company Tenda. Version 15.13.07.13 of the Tenda A15 contains a security vulnerability. This vulnerability stems from improper handling of the File parameter in the UploadCfg function located at /file/cgi-bin/UploadCfg. It may lead to a...

10 CVSS, 7.6 AI score, 0.03688 EPSS
Exploits: 1, References: 6
Cvelist
added 2026/03/21 3:30 p.m., 27 views

CVE-2019-25582 i-doit CMDB 1.12 Arbitrary File Download via file_manager Parameter

i-doit CMDB 1.12 contains an arbitrary file download vulnerability that allows authenticated attackers to download sensitive files by manipulating the file parameter in index.php. Attackers can send GET requests to index.php with filemanager=image and supply arbitrary file paths like...

7.1 CVSS, 0.00368 EPSS
Exploits: 1, References: 4
CNNVD
added 2026/03/21 12:0 a.m., 5 views

i-doit CMDB Code Issue Vulnerability

i-doit CMDB is a product of the German company i-doit. There is a code vulnerability in i-doit CMDB version 1.12. This vulnerability stems from the use of the file parameter, which allows arbitrary file downloads, potentially enabling authenticated attackers to download sensitive files...

7.1 CVSS, 6 AI score, 0.00368 EPSS
Exploits: 1, References: 4
Snyk
added 2026/03/19 7:34 p.m., 1 view

External Control of File Name or Path

Overview: wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to External Control of File Name or Path via the chunkFile parameter in the aVideoEncoder.json.php endpoint. An attacker can access arbitrary local files by specifyin...

7.6 CVSS, 5.9 AI score, 0.00254 EPSS
Exploits: 1, References: 2
CNNVD
added 2026/03/16 12:0 a.m., 2 views

RealtyScript Cross-Site Scripting Vulnerability

RealtyScript is a real estate website management system developed by RealtyScript Inc. Version 4.0.2 of RealtyScript contains a cross-site scripting vulnerability. This vulnerability stems from improper cleanup of uploaded files, which may allow attackers to store malicious scripts through the fi...

7.2 CVSS, 5.6 AI score, 0.00267 EPSS
Exploits: 1, References: 3
CVE
added 2026/03/12 6:4 p.m., 12 views

CVE-2026-32140

Dataease (an open source data visualization tool) before version 2.10.20 is vulnerable via the Redshift JDBC driver, where the IniFile parameter can be exploited to load an attacker-controlled configuration file. The getJdbcIniFile discovery mechanism can, if not restricted, locate rsjdbc.ini and, in...

9.3 CVSS, 6.2 AI score, 0.00691 EPSS
Exploits: 1, References: 1, Affected Software: 1
OSV
added 2026/03/11 12:25 a.m., 1 view

GHSA-F2FC-VC88-6W7Q @siteboon/claude-code-ui is Vulnerable to Command Injection via Multiple Parameters

Summary: Multiple Git-related API endpoints use execAsync with string interpolation of user-controlled parameters (file, branch, message, commit), allowing authenticated attackers to execute arbitrary OS commands. Details: The claudecodeui application provides Git integration through various API...

9.1 CVSS, 6.2 AI score, 0.00437 EPSS
Exploits: 0, References: 4
OSV
added 2026/03/09 9:15 a.m., 4 views

CVE-2025-41755

A low-privileged remote attacker can exploit the ubr-logread method in wwwubr.cgi to read arbitrary files on the system. The endpoint accepts a parameter specifying the log file to open e.g., /tmp/weblogsomenumber, but this parameter is not properly validated, allowing an attacker to modify it to...

6.5 CVSS, 6 AI score, 0.00498 EPSS
Exploits: 0, References: 1
NVD
added 2026/03/09 9:15 a.m., 5 views

CVE-2025-41755

A low-privileged remote attacker can exploit the ubr-logread method in wwwubr.cgi to read arbitrary files on the system. The endpoint accepts a parameter specifying the log file to open e.g., /tmp/weblogsomenumber, but this parameter is not properly validated, allowing an attacker to modify it to...

6.5 CVSS, 0.00498 EPSS
Exploits: 0, References: 1
Cvelist
added 2026/03/09 8:16 a.m., 25 views

CVE-2025-41755 Arbitrary Read with ubr-logread

A low-privileged remote attacker can exploit the ubr-logread method in wwwubr.cgi to read arbitrary files on the system. The endpoint accepts a parameter specifying the log file to open e.g., /tmp/weblogsomenumber, but this parameter is not properly validated, allowing an attacker to modify it to...

6.5 CVSS, 0.00498 EPSS
Exploits: 0, References: 1
CVE
added 2026/03/09 8:16 a.m., 9 views

CVE-2025-41755

CVE-2025-41755 describes a vulnerability where a low-privileged, remote attacker can read arbitrary files by abusing the ubr-logread method in wwwubr.cgi. The issue stems from insufficient validation of the log file parameter (e.g., /tmp/weblog{n}); the parameter can be manipulated to reference a...

6.5 CVSS, 5.9 AI score, 0.00498 EPSS
Exploits: 0, References: 1, Affected Software: 1
Positive Technologies
added 2026/03/09 12:0 a.m., 2 views

PT-2026-24025

A low-privileged remote attacker can exploit the ubr-logread method in wwwubr.cgi to read arbitrary files on the system. The endpoint accepts a parameter specifying the log file to open e.g., /tmp/weblogsome number, but this parameter is not properly validated, allowing an attacker to modify it t...

6.5 CVSS, 5.9 AI score, 0.00498 EPSS
Exploits: 0, References: 2
Positive Technologies
added 2026/03/09 12:0 a.m., 3 views

PT-2026-24112

Name of the Vulnerable Software and Affected Versions: Camaleon CMS versions 2.4.5.0 through 2.9.0. Description: Camaleon CMS versions 2.4.5.0 through 2.9.0, prior to commit f54a77e, have a path traversal issue in the AWS S3 uploader implementation. Authenticated users can read arbitrary files from...

6.5 CVSS, 5.9 AI score, 0.00732 EPSS
Exploits: 0, References: 13
CNNVD
added 2026/03/08 12:0 a.m., 3 views

Projectworlds Online Art Gallery Shop SQL Injection Vulnerability

Projectworlds Online Art Gallery Shop is an open-source online art gallery store by Projectworlds. Version 1.0 of the Projectworlds Online Art Gallery Shop has a SQL injection vulnerability. This vulnerability stems from incorrect handling of the parameter fnm in the file/?pass=1, which may lead ...

9.8 CVSS, 7.2 AI score, 0.0033 EPSS
Exploits: 1, References: 5