3231 matches found

RedhatCVE
added 2025/02/04 11:34 p.m. | 4 views

CVE-2024-48931

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.2.4 and all prior versions, the ZimaOS API endpoint http:///v3/file?token== is vulnerable to arbitrary file reading due to improper input validation. By manipulating the files parameter,...

CVSS 7.5 | AI score 7.8 | EPSS 0.00702
Exploits 1
CVE
added 2025/01/31 11:11 a.m. | 53 views

CVE-2024-12267

CVE-2024-12267 affects the WordPress plugin “Drag and Drop Multiple File Upload for Contact Form 7” (versions up to and including 1.3.8.5). The vulnerability is caused by insufficient file path validation in the dnd_codedropz_upload_delete() function, allowing unauthenticated attackers to perform...

CVSS 9.1 | AI score 7.1 | EPSS 0.00305
Exploits 0 | References 2 | Affected Software 1
Veracode
added 2025/01/31 6:21 a.m. | 6 views

Path Traversal

Deep Java Library DJL is vulnerable to a Path Traversal. The vulnerability is due to insufficient validation of file paths in the ZipUtils.unzip and TarUtils.untar methods, which allows an attacker to manipulate file paths, enabling them to write files to arbitrary locations on the system...

CVSS 9.8 | AI score 9.2 | EPSS 0.22965
Exploits 0 | References 6 | Affected Software 1
CVE
added 2025/01/30 1:41 p.m. | 46 views

CVE-2024-13720

CVE-2024-13720 concerns the WordPress plugin WP Image Uploader, affected versions up to and including 1.0.1. The issue is an insufficient file path validation in gky_image_uploader_main_function(), enabling unauthenticated attackers to delete arbitrary files on the server (potential path traversa...

CVSS 9.1 | AI score 9.1 | EPSS 0.00481
Exploits 0 | References 2 | Affected Software 1
SUSE CVE
added 2025/01/29 3:48 a.m. | 2 views

SUSE CVE-2025-0781

An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level...

CVSS 9.9 | AI score 7 | EPSS 0.00328
Exploits 0 | References 3
Github Security Blog
added 2025/01/28 5:29 p.m. | 23 views

Insecure Temporary File usage in github.com/golang/glog

When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

CVSS 7.1 | AI score 6.7 | EPSS 0.0027
Exploits 0 | References 8 | Affected Software 1
NVD
added 2025/01/28 5:15 p.m. | 10 views

CVE-2025-0781

An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level...

CVSS 9.9 | EPSS 0.00328
Exploits 0 | References 5
Vulnrichment
added 2025/01/28 4:34 p.m. | 4 views

CVE-2025-0781 Incorrect Authorization in SimGear

An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level...

CVSS 8.6 | AI score 8.5 | EPSS 0.00328
Exploits 0 | References 3
OSV
added 2025/01/28 4:34 p.m. | 7 views

CVE-2025-0781 Incorrect Authorization in SimGear

An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level...

CVSS 8.6 | AI score 8.3 | EPSS 0.00328
Exploits 0 | References 7
ATTACKERKB
added 2025/01/28 2:15 a.m. | 4 views

CVE-2024-45339

When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

CVSS 7.1 | AI score 7.2 | EPSS 0.0027
Exploits 0 | References 6
OSV
added 2025/01/28 2:15 a.m. | 9 views

CVE-2024-45339

When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

CVSS 7.1 | AI score 6.6
Exploits 0 | References 6
Positive Technologies
added 2025/01/28 12:00 a.m. | 6 views

PT-2025-2690

Name of the Vulnerable Software and Affected Versions: glog (affected versions not specified). Description: The issue arises when logs are written to a widely-writable directory, allowing an unprivileged attacker to predict a privileged process's log file path and create a symbolic link to a sensitive...

CVSS 8.7 | AI score 6.7 | EPSS 0.00562
Exploits 0 | References 187
Positive Technologies
added 2025/01/28 12:00 a.m. | 6 views

PT-2025-4042

Name of the Vulnerable Software and Affected Versions: FlightGear (affected versions not specified). Description: An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level. Recommendations: ...

CVSS 9.9 | AI score 5.4 | EPSS 0.00328
Exploits 0 | References 21
Snyk
added 2025/01/26 10:00 p.m. | 3 views

External Control of File Name or Path

Overview Affected versions of this package are vulnerable to External Control of File Name or Path at the /admin/compass endpoint, which passes data from GET requests to the pathToLogFile function. An attacker who can convince an authenticated user to follow a link containing a malicious file nam...

CVSS 6.2 | AI score 6.9 | EPSS 0.14432
Exploits 1 | References 2
NVD
added 2025/01/25 8:15 a.m. | 13 views

CVE-2024-12885

The Connections Business Directory plugin for WordPress is vulnerable to arbitrary directory deletion due to insufficient file path validation when deleting a connections image directory in all versions up to, and including, 10.4.66. This makes it possible for authenticated attackers, with...

CVSS 6.5 | EPSS 0.0055
Exploits 0 | References 2
CVE
added 2025/01/25 7:24 a.m. | 44 views

CVE-2024-12885

The CVE-2024-12885 entry concerns the WordPress plugin Connections Business Directory. Affected versions: all up to 10.4.66. Root cause: insufficient file path validation when deleting the Connections Images directory, enabling an authenticated attacker with Administrator+ privileges to delete ar...

CVSS 6.5 | AI score 6.2 | EPSS 0.0055
Exploits 0 | References 2
Vulnrichment
added 2025/01/25 7:24 a.m. | 6 views

CVE-2024-12885 Connections Business Directory <= 10.4.66 - Authenticated (Admin+) Arbitrary Directory Deletion

The Connections Business Directory plugin for WordPress is vulnerable to arbitrary directory deletion due to insufficient file path validation when deleting a connections image directory in all versions up to, and including, 10.4.66. This makes it possible for authenticated attackers, with...

CVSS 6.5 | AI score 7 | EPSS 0.0055
Exploits 0 | References 2
Veracode
added 2025/01/20 5:59 a.m. | 9 views

Access Control List (ACL) Bypass

gradio is vulnerable to an Access Control List (ACL) Bypass. The vulnerability is due to improper case normalization in the file path validation logic through the blockedpaths parameter of the isallowedfile function, which allows an attacker to gain unauthorized access to sensitive files by altering the...

CVSS 8.7 | AI score 6.7 | EPSS 0.00836
Exploits 1 | References 3 | Affected Software 1
OSV
added 2025/01/20 3:15 a.m. | 2 views

CVE-2025-0581

A vulnerability classified as problematic has been found in CampCodes School Management Software 1.0. This affects an unknown part of the file /chat/group/send of the component Chat History. The manipulation of the argument message leads to cross site scripting. It is possible to initiate the...

CVSS 5.4 | AI score 3.8 | EPSS 0.00449
Exploits 1 | References 5
CNNVD
added 2025/01/17 12:00 a.m. | 4 views

itsourcecode Tailoring Management System Injection Vulnerability

itsourcecode Tailoring Management System is a tailoring management system from itsourcecode open source. An injection vulnerability exists in version 1.0 of itsourcecode Tailoring Management System, which stems from the parameter expcat in the file /expadd.php that can cause SQL injection...

CVSS 9.8 | AI score 7 | EPSS 0.0053
Exploits 1 | References 6