Lucene search

8806 matches found

RedhatCVE
added 2025/09/27 2:50 p.m., 3 views

CVE-2025-11018

A flaw has been found in Four-Faith Water Conservancy Informatization Platform 1.0. This affects an unknown function of the file /sysRole/index.do/../../generalReport/download.do;usrlogout.do.do. Executing manipulation of the argument fileName can lead to path traversal. It is possible to launch...

CVSS 6.9, AI score 6.4, EPSS 0.00894
Exploits: 1, References: 1

RedhatCVE
added 2025/09/27 8:44 a.m., 2 views

CVE-2025-60150

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpshuffle Subscribe to Download (subscribe-to-download) allows PHP Local File Inclusion. This issue affects Subscribe to Download: from n/a through <= 2.0.9...

CVSS 7.5, AI score 5.9, EPSS 0.00445
Exploits: 0, References: 1

RedhatCVE
added 2025/09/27 8:44 a.m., 2 views

CVE-2025-60153

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpshuffle Subscribe To Unlock (subscribe-to-unlock) allows PHP Local File Inclusion. This issue affects Subscribe To Unlock: from n/a through <= 1.1.5...

CVSS 7.5, AI score 5.9, EPSS 0.00445
Exploits: 0, References: 1

OSV
added 2025/09/26 2:15 p.m., 1 view

CVE-2025-11018

A flaw has been found in Four-Faith Water Conservancy Informatization Platform 1.0. This affects an unknown function of the file /sysRole/index.do/../../generalReport/download.do;usrlogout.do.do. Executing manipulation of the argument fileName can lead to path traversal. It is possible to launch...

CVSS 7.5, AI score 5.5
Exploits: 0, References: 4

NVD
added 2025/09/26 2:15 p.m., 3 views

CVE-2025-11018

A flaw has been found in Four-Faith Water Conservancy Informatization Platform 1.0. This affects an unknown function of the file /sysRole/index.do/../../generalReport/download.do;usrlogout.do.do. Executing manipulation of the argument fileName can lead to path traversal. It is possible to launch...

CVSS 7.5, EPSS 0.00894
Exploits: 1, References: 4

Vulnrichment
added 2025/09/26 2:02 p.m., 2 views

CVE-2025-11018 Four-Faith Water Conservancy Informatization Platform download.do;usrlogout.do.do path traversal

A flaw has been found in Four-Faith Water Conservancy Informatization Platform 1.0. This affects an unknown function of the file /sysRole/index.do/../../generalReport/download.do;usrlogout.do.do. Executing manipulation of the argument fileName can lead to path traversal. It is possible to launch...

CVSS 6.9, AI score 5.3, EPSS 0.00894
Exploits: 1, References: 4

Cvelist
added 2025/09/26 2:02 p.m., 7 views

CVE-2025-11018 Four-Faith Water Conservancy Informatization Platform download.do;usrlogout.do.do path traversal

A flaw has been found in Four-Faith Water Conservancy Informatization Platform 1.0. This affects an unknown function of the file /sysRole/index.do/../../generalReport/download.do;usrlogout.do.do. Executing manipulation of the argument fileName can lead to path traversal. It is possible to launch...

CVSS 6.9, EPSS 0.00894
Exploits: 1, References: 4

CVE
added 2025/09/26 2:02 p.m., 12 views

CVE-2025-11018

Four-Faith Water Conservancy Informatization Platform 1.0 is affected by a path traversal flaw. The vulnerability lies in the handling of the fileName argument of the endpoint chain /sysRole/index.do/../../generalReport/download.do;usrlogout.do.do, enabling remote exploitation. An exploit has bee...

CVSS 7.5, AI score 6.2, EPSS 0.00894
Exploits: 1, References: 4, Affected Software: 1

NVD
added 2025/09/26 9:15 a.m., 4 views

CVE-2025-60153

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpshuffle Subscribe To Unlock (subscribe-to-unlock) allows PHP Local File Inclusion. This issue affects Subscribe To Unlock: from n/a through <= 1.1.5...

CVSS 7.5, EPSS 0.00445
Exploits: 0, References: 1

OSV
added 2025/09/26 9:15 a.m., 2 views

CVE-2025-1862

An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user-supplied filenames in the BPEL uploader SOAP service endpoint. A malicious actor with administrative privileges can upload arbitrary files to a user-controlled location on the server. By...

CVSS 7.2, AI score 6.4, EPSS 0.00502
Exploits: 0, References: 1

CVE
added 2025/09/26 8:31 a.m., 11 views

CVE-2025-60153

CVE-2025-60153 affects the Subscribe To Unlock WordPress plugin with a PHP Local File Inclusion (LFI) flaw in Include/Require usage. Described as a PHP Remote File Inclusion issue that effectively enables LFI. Affected versions: from n/a through 1.1.5. CVSSv3.1 base score 7.5 (HIGH), vector: AV:N...

CVSS 7.5, AI score 5.9, EPSS 0.00445
Exploits: 0, References: 1

Vulnrichment
added 2025/09/26 8:31 a.m., 1 view

CVE-2025-60153 WordPress Subscribe To Unlock Plugin <= 1.1.5 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpshuffle Subscribe To Unlock (subscribe-to-unlock) allows PHP Local File Inclusion. This issue affects Subscribe To Unlock: from n/a through <= 1.1.5...

CVSS 7.5, AI score 5.3, EPSS 0.00445
Exploits: 0, References: 1

Vulnrichment
added 2025/09/26 8:31 a.m., 1 view

CVE-2025-60150 WordPress Subscribe to Download plugin <= 2.0.9 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpshuffle Subscribe to Download (subscribe-to-download) allows PHP Local File Inclusion. This issue affects Subscribe to Download: from n/a through <= 2.0.9...

CVSS 7.5, AI score 5.9, EPSS 0.00445
Exploits: 0, References: 1

Cvelist
added 2025/09/26 8:31 a.m., 9 views

CVE-2025-60150 WordPress Subscribe to Download plugin <= 2.0.9 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpshuffle Subscribe to Download (subscribe-to-download) allows PHP Local File Inclusion. This issue affects Subscribe to Download: from n/a through <= 2.0.9...

CVSS 7.5, EPSS 0.00445
Exploits: 0, References: 1

Cvelist
added 2025/09/26 8:31 a.m., 9 views

CVE-2025-60126 WordPress Testimonial Slider Plugin <= 3.5.8.6 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PluginOps Testimonial Slider (testimonial-add) allows PHP Local File Inclusion. This issue affects Testimonial Slider: from n/a through <= 3.5.8.6...

CVSS 8.8, EPSS 0.00446
Exploits: 0, References: 1

Positive Technologies
added 2025/09/26 12:00 a.m., 4 views

PT-2025-39593

Name of the Vulnerable Software and Affected Versions: wpshuffle Subscribe to Download versions through 2.0.9. Description: The software contains an Improper Control of Filename for Include/Require Statement issue, also known as a PHP Remote File Inclusion. This allows for PHP Local File Inclusion...

CVSS 7.5, AI score 6.7, EPSS 0.00445
Exploits: 0, References: 3

CNNVD
added 2025/09/26 12:00 a.m., 3 views

WSO2 Enterprise Integrator security vulnerability

WSO2 Enterprise Integrator is an open source hybrid integration platform from WSO2, Inc. in the United States. The platform supports communication between multiple applications. A security vulnerability exists in WSO2 Enterprise Integrator that stems from the BPEL uploader SOAP service endpoint n...

CVSS 7.2, AI score 6.8, EPSS 0.00502
Exploits: 0, References: 2

CNNVD
added 2025/09/26 12:00 a.m., 2 views

Four-Faith Water Conservancy Informatization Platform path traversal vulnerability

Four-Faith Water Conservancy Informatization Platform is a water conservancy informatization system from Four-Faith. A path traversal vulnerability exists in Four-Faith Water Conservancy Informatization Platform version 1.0, which originates from an attack on the file /sysRole/index.do/... /...

CVSS 7.5, AI score 5.4, EPSS 0.00894
Exploits: 1, References: 5

Positive Technologies
added 2025/09/26 12:00 a.m., 3 views

PT-2025-39642

Name of the Vulnerable Software and Affected Versions: Four-Faith Water Conservancy Informatization Platform version 1.0. Description: A path traversal flaw exists in Four-Faith Water Conservancy Informatization Platform version 1.0. The issue affects an unknown function within the file...

CVSS 6.9, AI score 5.2, EPSS 0.00894
Exploits: 1, References: 8

CNNVD
added 2025/09/26 12:00 a.m., 1 view

WordPress plugin Testimonial Slider security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security...

CVSS 8.8, AI score 6.5, EPSS 0.00446
Exploits: 0, References: 1