
3230 matches found

Cvelist
added 2025/06/06 9:21 a.m. · 21 views

CVE-2025-48781 Soar Cloud HRD Human Resource Management System - External Control of File Name or Path

An external control of file name or path vulnerability in the download file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to obtain partial files by specifying arbitrary file paths...

CVSS 8.7 · EPSS 0.0038
Exploits: 0 · References: 1
Positive Technologies
added 2025/06/06 12:00 a.m. · 7 views

PT-2025-24063

Name of the Vulnerable Software and Affected Versions: Soar Cloud HRD Human Resource Management System versions prior to 7.3.2025.0408. Description: The issue allows remote attackers to obtain partial files by specifying arbitrary file paths due to an external control of file name or path...

CVSS 8.7 · AI score 5.7 · EPSS 0.0038
Exploits: 0 · References: 7
CNNVD
added 2025/06/05 12:00 a.m. · 3 views

Teledyne FLIR AX8 Command Injection Vulnerability

Teledyne FLIR AX8 is a series of thermal surveillance cameras from Teledyne FLIR USA. A command injection vulnerability exists in Teledyne FLIR AX8 version 1.46.16 and earlier, which stems from a command injection in the file /usr/www/application/models/subscriptions.php in the component Backend...

CVSS 5.8 · AI score 5.4 · EPSS 0.08188
Exploits: 1 · References: 10
Positive Technologies
added 2025/06/05 12:00 a.m. · 3 views

PT-2025-23895 · WordPress · Wp User Frontend Pro

Name of the Vulnerable Software and Affected Versions: WP User Frontend Pro plugin for WordPress versions up to, and including, 4.1.3 Description: The issue is related to insufficient file path validation in the delete avatar ajax function, allowing authenticated attackers with Subscriber-level...

CVSS 8.1 · AI score 8.2 · EPSS 0.00703
Exploits: 0 · References: 7
CNNVD
added 2025/06/03 12:00 a.m. · 4 views

oa_system Path Traversal Vulnerability

oasystem is an application system by the individual developer aaluoxiang for the daily operation and management of organizations, used by employees and managers. A path traversal vulnerability exists in oasystem, which stems from a path traversal caused by incorrect operation of the file...

CVSS 7.5 · AI score 4.9 · EPSS 0.00571
Exploits: 1 · References: 2
RedHat Linux
added 2025/06/02 5:30 p.m. · 4 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

CVSS 8.1 · AI score 7.5 · EPSS 0.00363
Exploits: 0 · References: 5
CNNVD
added 2025/06/02 12:00 a.m. · 0 views

Multilaser Sirius RE016 Authorization Issue Vulnerability

Multilaser Sirius RE016 is a network appliance from Multilaser Sirius. An authorization issue vulnerability exists in Multilaser Sirius RE016 MLT version 1.0, which stems from improper authentication in the file /cgi-bin/cstecgi.cgi...

CVSS 6.9 · AI score 5.7 · EPSS 0.00396
Exploits: 0 · References: 6
CNNVD
added 2025/06/01 12:00 a.m. · 3 views

Blogbook Injection Vulnerability

Blogbook is a content management system project by Chaitak Gorai, an individual developer. Blogbook has an injection vulnerability that stems from a SQL injection in the parameter uid in the file /user.php...

CVSS 9.8 · AI score 7.9 · EPSS 0.0047
Exploits: 1 · References: 6
RedHat Linux
added 2025/05/29 10:57 p.m. · 3 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

CVSS 8.1 · AI score 7.5 · EPSS 0.00363
Exploits: 0 · References: 5
Vulnrichment
added 2025/05/28 5:08 p.m. · 8 views

CVE-2025-32802 Insecure handling of file paths allows multiple local attacks

Kea configuration and API directives can be used to overwrite arbitrary files, subject to permissions granted to Kea. Many common configurations run Kea as root, leave the API entry points unsecured by default, and/or place the control sockets in insecure paths. This issue affects Kea versions...

CVSS 6.1 · AI score 7 · EPSS 0.00194
Exploits: 0 · References: 1
Cvelist
added 2025/05/28 5:08 p.m. · 18 views

CVE-2025-32802 Insecure handling of file paths allows multiple local attacks

Kea configuration and API directives can be used to overwrite arbitrary files, subject to permissions granted to Kea. Many common configurations run Kea as root, leave the API entry points unsecured by default, and/or place the control sockets in insecure paths. This issue affects Kea versions...

CVSS 6.1 · EPSS 0.00194
Exploits: 0 · References: 1
RedHat Linux
added 2025/05/27 12:28 p.m. · 3 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

CVSS 8.1 · AI score 7.5 · EPSS 0.00363
Exploits: 0 · References: 5
Packet Storm
added 2025/05/26 12:00 a.m. · 95 views

Java-springboot-codebase 1.1 Arbitrary File Read

Java-springboot-codebase version 1.1 suffers from an arbitrary file read vulnerability. Exploit Title: Java-springboot-codebase 1.1 - Arbitrary File Read Google Dork: Date: 23/May/2025 Exploit Author: d3sca Vendor Homepage: https://github.com/OsamaTaher/Java-springboot-codebase Software Link:...

CVSS 8.7 · AI score 7.1 · EPSS 0.03957
Exploits: 11
OSV
added 2025/05/25 12:15 a.m. · 4 views

CVE-2025-5136

A vulnerability, which was classified as problematic, was found in Tmall Demo up to 20250505. This affects an unknown part of the file /tmall/order/pay/ of the component Payment Identifier Handler. The manipulation leads to insufficiently random values. It is possible to initiate the attack...

CVSS 6.3 · AI score 4.4
Exploits: 0 · References: 4
CNNVD
added 2025/05/25 12:00 a.m. · 3 views

H3C SecCenter SMP-E1114P02 Security Vulnerability

H3C SecCenter SMP-E1114P02 is a security management platform from China's Xinhua San H3C Corporation. A security vulnerability exists in H3C SecCenter SMP-E1114P02 20250513 and earlier versions, which stems from improper operation of the parameter logGeneralFile/logGeneralFile2 in the file...

CVSS 9.8 · AI score 6.5 · EPSS 0.0034
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/24 6:13 p.m. · 17 views

CVE-2025-30170

Exposure of file path, file size or file existence vulnerabilities in ASPECT provide attackers access to file system information if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through...

CVSS 5.9 · AI score 6.9 · EPSS 0.00254
Exploits: 0 · References: 1
Positive Technologies
added 2025/05/24 12:00 a.m. · 7 views

PT-2025-22837

Name of the Vulnerable Software and Affected Versions: eMagicOne Store Manager for WooCommerce plugin for WordPress versions 1.2.5 and earlier. Description: The issue is related to insufficient file path validation in the delete file function, allowing unauthenticated attackers to delete arbitrary...

CVSS 9.1 · AI score 6.7 · EPSS 0.01149
Exploits: 2 · References: 18
OSV
added 2025/05/23 3:15 p.m. · 4 views

CVE-2025-5114

A vulnerability has been found in easysoft zentaopms 21.520250307 and classified as critical. This vulnerability affects the function Edit of the file /index.php?m=editor&f=edit&filePath=cGhhcjovLy9ldGMvcGFzc3dk&action=edit of the component Committer. The manipulation of the argument filePath lea...

CVSS 9.1 · AI score 5.5
Exploits: 0 · References: 5
RedhatCVE
added 2025/05/23 11:57 a.m. · 4 views

CVE-2025-0202

A vulnerability was found in TCS BaNCS 10. It has been classified as problematic. This affects an unknown part of the file /REPORTS/REPORTSSHOWFILE.jsp. The manipulation of the argument FilePath leads to file inclusion. The real existence of this vulnerability is still doubted at the moment...

CVSS 5.5 · AI score 6.9 · EPSS 0.00304
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/23 10:49 a.m. · 8 views

CVE-2024-43011

An arbitrary file deletion vulnerability exists in the admin/del.php file at line 62 in ZZCMS 2023 and earlier. Due to insufficient validation and sanitization of user input for file paths, an attacker can exploit this vulnerability by using directory traversal techniques to delete arbitrary file...

CVSS 4.9 · AI score 7 · EPSS 0.00672
Exploits: 0 · References: 1