11232 matches found
CVE-2024-39847 Arbitrary File Read and Server Side Request Forgery via XML External Entities in 4D Server SOAP
Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services...
CVE-2024-39847
CVE-2024-39847 describes an XXE-like weakness in the XML parser of the 4D Server SOAP endpoints. Unauthenticated attackers can read files on the application server and adjacent network shares, and can issue HTTP GET requests to arbitrary services. The connected documents confirm the vulnerability...
PT-2026-36089
Name of the Vulnerable Software and Affected Versions JetBrains IntelliJ IDEA versions prior to 2024.3.7.1 JetBrains IntelliJ IDEA versions prior to 2025.1.7.1 JetBrains IntelliJ IDEA versions prior to 2025.2.6.2 JetBrains IntelliJ IDEA versions prior to 2025.3.4.1 JetBrains IntelliJ IDEA version...
PT-2026-36125
Weaver Fanwei E-cology 9.5 versions prior to 10.52 contain an arbitrary file read vulnerability in the XmlRpcServlet interface at the XML-RPC endpoint that allows unauthenticated remote attackers to read arbitrary files by supplying file paths to the WorkflowService.getAttachment and...
VulnCheck KEV: CVE-2022-50992
Weaver Fanwei E-cology 9.5 versions prior to 10.52 contain an arbitrary file read vulnerability in the XmlRpcServlet interface at the XML-RPC endpoint that allows unauthenticated remote attackers to read arbitrary files by supplying file paths to the WorkflowService.getAttachment and...
4D Server 代码问题漏洞
4D Server is a database server platform developed by the French company 4D. There are code vulnerabilities in 4D Server. These vulnerabilities stem from weaknesses in the XML parser function of the SOAP endpoint, allowing unauthenticated attackers to gain read access to files on the application...
Lobster_pro 代码问题漏洞
Lobsterpro is a middleware platform developed by the German company Lobster, used for enterprise data integration and process orchestration. Versions of Lobsterpro prior to 4.12.6-GA contained code vulnerabilities. These vulnerabilities stemmed from weaknesses in the XML parser’s functionality,...
Repetier-Server 1.4.10 - Path Traversal
Exploit Title: Repetier-Server 1.4.10 - Path Traversal Exploit Author: Mohammed Idrees Banyamer Vendor Homepage: https://www.repetier.com/ Version: str: return "..%5c" depth def attemptreadtargeturl: str, filepath: str, traversaldepth: int = 15, timeout: int = 10 - bool: traversal =...
i18next-http-middleware has path traversal / SSRF via user-controlled language and namespace parameters
Summary Versions of i18next-http-middleware prior to 3.9.3 pass the user-controlled lng and ns values from getResourcesHandler directly into i18next.services.backendConnector.loadlanguages, namespaces, … without any sanitisation. Depending on which backend is configured, the unvalidated path...
GHSA-M9H6-8PQM-XRHF Admidio has Path Traversal via Unvalidated `name` Parameter in Document Add Mode that Enables Arbitrary Server File Read
Summary The add mode in modules/documents-files.php accepts a name parameter validated only as 'string' type HTML encoding, allowing path traversal characters ../ to pass through unfiltered. Combined with the absence of CSRF protection on this endpoint and SameSite=Lax session cookies, a...
CVE-2026-41911
OpenClaw before 2026.4.8 contains a filesystem policy bypass vulnerability in docx upload processing that allows local file reads outside workspace boundaries. Attackers can exploit uploadfile and uploadimage endpoints to access files beyond the intended workspace-only filesystem policy...
CVE-2018-25311
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers with valid credentials to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl,...
CVE-2018-25311 VideoFlow Digital Video Protection DVP 2.10 Authenticated Directory Traversal
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers with valid credentials to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl,...
CVE-2018-25311 VideoFlow Digital Video Protection DVP 2.10 Authenticated Directory Traversal
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers with valid credentials to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl,...
CLSA-2026-1777446306 python: Fix of CVE-2019-9948
CVE-2019-9948: fix urllib localfile:// URL scheme bypass that allowed file reads when localfile handler was defined...
CVE-2026-41911
OpenClaw before 2026.4.8 contains a filesystem policy bypass vulnerability in docx upload processing that allows local file reads outside workspace boundaries. Attackers can exploit uploadfile and uploadimage endpoints to access files beyond the intended workspace-only filesystem policy...
CVE-2026-41911 OpenClaw < 2026.4.8 - Workspace-Only Filesystem Policy Bypass via docx upload_file/upload_image
OpenClaw before 2026.4.8 contains a filesystem policy bypass vulnerability in docx upload processing that allows local file reads outside workspace boundaries. Attackers can exploit uploadfile and uploadimage endpoints to access files beyond the intended workspace-only filesystem policy...
CVE-2026-41911 OpenClaw < 2026.4.8 - Workspace-Only Filesystem Policy Bypass via docx upload_file/upload_image
OpenClaw before 2026.4.8 contains a filesystem policy bypass vulnerability in docx upload processing that allows local file reads outside workspace boundaries. Attackers can exploit uploadfile and uploadimage endpoints to access files beyond the intended workspace-only filesystem policy...
GHSA-QP56-GP47-JWJ3 Duplicate Advisory: OpenClaw: Feishu extension resolveUploadInput bypasses file-system sandbox and allows arbitrary file reads via upload_image
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-qf48-qfv4-jjm9. This link is maintained to preserve external references. Original Description OpenClaw versions 2026.2.6 through 2026.3.24 contain a path traversal vulnerability in the Feishu extension...
Duplicate Advisory: OpenClaw: Feishu extension resolveUploadInput bypasses file-system sandbox and allows arbitrary file reads via upload_image
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-qf48-qfv4-jjm9. This link is maintained to preserve external references. Original Description OpenClaw versions 2026.2.6 through 2026.3.24 contain a path traversal vulnerability in the Feishu extension...