CVE-2024-11170

CVE-2024-11170 affects danny-avila/librechat (git 81f2936). The root cause is improper sanitization of file paths by the multer middleware, enabling path traversal that can cause arbitrary file write and potentially remote code execution. A fix exists in version 0.7.6. Public PoC details are prov...

Flowise allows arbitrary file write to RCE

Summary An attacker could write files with arbitrary content to the filesystem via the /api/v1/document-store/loader/process API. An attacker can reach RCERemote Code Execution via file writing. Details All file writing functions in packages/components/src/storageUtils.ts are vulnerable. -...

The vulnerability of the NTLM Hash component of the Windows operating system, which allows a hacker to perform spoofing attacks

The vulnerability of the NTLM Hash component of the Windows operating system is related to incorrect external management of file names or file paths. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...

CVE-2025-24996

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...

BIT-DJANGO-2024-39330

An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generatefilename without replicating the file-path validations from the parent class, potentially allow directory traversal via certain...

The vulnerability of the PAN-OS operating system, related to incorrect external management of file names or file paths, allows attackers to compromise the confidentiality of protected information.

The vulnerability of the PAN-OS operating system is related to incorrect external management of file names or file paths. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality of protected information...

WordPress plugin CS Framework 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

CVE-2024-13780 Hero Mega Menu - Responsive WordPress Menu Plugin <= 1.16.5 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Directory Deletion

The Hero Mega Menu - Responsive WordPress Menu Plugin plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the hmenudeletemenu function in all versions up to, and including, 1.16.5. This makes it possible for unauthenticated attackers to delete...

CVE-2024-13780

CVE-2024-13780 refers to the Hero Mega Menu - Responsive WordPress Menu Plugin (

Linux Distros Unpatched Vulnerability : CVE-2023-45283

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The filepath package does not recognize paths with a ??\ prefix as special. On Windows, a path beginning with ??\ is a Root Local Device path equivalent to a...

ASB-A-341680936

In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User...

PT-2025-7807 · Unknown · Benner Modernanet

Name of the Vulnerable Software and Affected Versions: Benner ModernaNet versions prior to 1.2.1 Description: A problematic issue has been found, affecting an unknown function of the file /DadosPessoais/SG Gravar. The manipulation of the idItAg argument leads to cross-site request forgery. This...

CVE-2025-1586

A vulnerability was found in code-projects Blood Bank System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /Blood/A-.php. The manipulation of the argument Bloodname leads to cross site scripting. The attack can be initiated remotely. The exploit has...

PT-2025-7681 · Unknown · Code-Projects Blood Bank System

Name of the Vulnerable Software and Affected Versions: code-projects Blood Bank System version 1.0 Description: A vulnerability was found in the code-projects Blood Bank System, affecting unknown code of the file /Blood/A-.php. The manipulation of the Bloodname argument leads to cross-site...

Security update for google-osconfig-agent

This update for google-osconfig-agent fixes the following issues: CVE-2024-45339: github.com/golang/glog: a privileged process' log file path can be easily predicted and used to overwrite other sensitive files in a system. bsc1236560 Patch Instructions: To install this SUSE update use the SUSE...

VulnCheck KEV: CVE-2025-0111

Palo Alto Networks PAN-OS contains an external control of file name or path vulnerability. Successful exploitation enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user...

Debian dla-4056 : golang-glog-dev - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4056 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4056-1 [email protected] https://www.debian.org/lts/security/...

CVE-2025-1355

A vulnerability was found in needyamin Library Card System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /signup.php of the component Add Picture. The manipulation leads to unrestricted upload. The attack can be launched remotely. Th...

TOTOLINK X18 命令注入漏洞

TOTOLINK X18 is a Gigabit router from China's Gion Electronics TOTOLINK. TOTOLINK X18 version 9.1.0cu.2024B20220329 suffers from a command injection vulnerability that stems from the parameter enable in file /cgi-bin/cstecgi.cgi failing to correctly filter constructed command special characters,...

CVE-2023-27602

In Apache Linkis =1.3.1, The PublicService module uploads files without restrictions on the path to the uploaded files, and file types. We recommend users upgrade the version of Linkis to version 1.3.2. For versions =1.3.1, we suggest turning on the file path check switch in linkis.properties...