15 matches found
Exploit for CVE-2026-42945
CVE-2026-42945-Nginx-RCE-bypass-ASLR CVE-202...
CVE-2026-44111
OpenClaw before 2026.4.15 contains an arbitrary file read vulnerability in the QMD backend memoryget function that allows callers to read any Markdown files within the workspace root. Attackers with access to the memory tool can bypass path restrictions by providing arbitrary workspace Markdown...
PT-2026-38232
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.4.9. Description: A file read issue allows attackers to bypass navigation guards through browser act/evaluate interactions. This enables attackers to pivot into the local Chrome DevTools Protocol (CDP) origin and...
Hyland Alfresco Security Vulnerability
Hyland Alfresco is an enterprise content management system developed by the American company Hyland. Hyland Alfresco has a security vulnerability, which allows unauthenticated attackers to read arbitrary files from protected directories through endpoints such as /share/page/resource/. This...
PT-2025-49264
Name of the Vulnerable Software and Affected Versions: warehouse management system version 1.2. Description: The software has an arbitrary file read issue. The /file/showImageByPath API endpoint does not properly sanitize user-supplied path parameters, potentially allowing an attacker to use directo...
LILIN Digital Video Recorder Security Vulnerability
LILIN Digital Video Recorder is a video recorder from LILIN Taiwan, China. A security vulnerability exists in LILIN Digital Video Recorder versions prior to 2.0b6020200207, which originates from an arbitrary file read and could lead to the reading of sensitive configuration files...
VulnCheck KEV: CVE-2019-17538
Jiangnan Online Judge aka jnoj 0.8.0 has Directory Traversal for file reading via the web/polygon/problem/viewfile?id=1&name=../ substring...
CVE-2022-44299
SiteServerCMS 7.1.3 sscms has a file read vulnerability...
RHEL 7 : redhat-access-plugin (RHSA-2015:0840)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2015:0840 advisory. The Red Hat Support plug-in for Red Hat OpenStack is a Technology Preview feature which offers seamless integrated access to Red Hat subscription...
Ladle Security Vulnerability
Ladle is a separate package and command from Ladle, Inc. A security vulnerability exists in Ladle 2.5.1 and prior versions that originated from allowing an attacker to read user-accessible files via a GET request...
CVE-2022-20467
In isBluetoothShareUri of BluetoothOppUtility.java, there is a possible incorrect file read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11...
Selesta Visual Access Manager Unauthorized Access Vulnerability
Selesta Visual Access Manager VAM is the Selesta Visual Access Manager. A security vulnerability exists in Selesta Visual Access Manager VAM versions 4.15.0 through 4.29. An attacker can exploit the vulnerability to read PHP pages or other types of files without authentication and authorization...
CVE-2018-20924
cPanel before 70.0.23 allows arbitrary file-read and file-unlink operations via WHM style uploads SEC-378...
CVE-2016-10842
cPanel before 11.54.0.4 allows certain file-read operations in bin/setupglobalspamfilter.pl SEC-74...
b2 cafelog: remote command execution, sql injection and another flaw.
Products: b2 cafelog 0.6.1 with ljupdate b2 cafelog 0.6.2 and prior Author: FraMe frame at kernelpanik.org URL: http://www.kernelpanik.org CONTENTS 1. Overview 2. Description. 3. Details. 4. Vendor Response 1. Overview. b2 is a news/weblog tool written in php. b2 uses MySQL as backend system. 2...