92 matches found
CVE-2020-37117 jizhiCMS 1.6.7 - Arbitrary File Download
jizhiCMS 1.6.7 contains a file download vulnerability in the admin plugins update endpoint that allows authenticated administrators to download arbitrary files. Attackers can exploit the vulnerability by sending crafted POST requests with malicious filepath and downloadurl parameters to trigger...
EUVD-2020-31049
jizhiCMS 1.6.7 contains a file download vulnerability in the admin plugins update endpoint that allows authenticated administrators to download arbitrary files. Attackers can exploit the vulnerability by sending crafted POST requests with malicious filepath and downloadurl parameters to trigger...
CVE-2020-37034
HelloWeb 2.0 contains an arbitrary file download vulnerability that allows remote attackers to download system files by manipulating filepath and filename parameters. Attackers can send crafted GET requests to download.asp with directory traversal to access sensitive configuration and system file...
CVE-2025-11914 Shenzhen Ruiming Technology Streamax Crocus DeviceFileReport.do download path traversal
A vulnerability was found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. Affected by this issue is the function Download of the file /DeviceFileReport.do?Action=Download. Performing manipulation of the argument FilePath results in path traversal. The attack may be initiated remotely. The...
Streamax Crocus 路径遍历漏洞
Streamax Crocus is a system used by China Ruiming Streamax to reduce commercial vehicles to reduce traffic accidents and cargo loss. A path traversal vulnerability exists in Streamax Crocus version 1.3.40, which stems from incorrect manipulation of the parameter FilePath in the file...
EUVD-2020-19248
Malware in sbrugna...
EUVD-2004-1214
Malware in sbrugna...
EUVD-2002-0767
Malware in sbrugna...
EUVD-2022-40915
Malicious code in bioql PyPI...
EUVD-2025-28393
Malicious code in bioql PyPI...
Kingdee Cloud-Starry-Sky Enterprise Edition 路径遍历漏洞
Kingdee Cloud-Starry-Sky Enterprise Edition is a digital transformation solution for growing enterprises from China's Kingdee. A path traversal vulnerability exists in Kingdee Cloud-Starry-Sky Enterprise Edition 8.2 and earlier versions, which stems from path traversal due to incorrect operation ...
CVE-2025-45890
Directory Traversal vulnerability in novel plus before v.5.1.0 allows a remote attacker to execute arbitrary code via the filePath parameter...
CVE-2025-45890
Directory Traversal vulnerability in novel plus before v.5.1.0 allows a remote attacker to execute arbitrary code via the filePath parameter...
H3C SecCenter SMP-E1114P02 路径遍历漏洞
H3C SecCenter SMP-E1114P02 is a security management platform from China's Xinhua San H3C. A path traversal vulnerability exists in H3C SecCenter SMP-E1114P02 20250513 and earlier versions, which stems from path traversal due to incorrect operation of the parameter filePath in the file...
CVE-2022-38325
Tenda AC15 WiFi Router V15.03.05.19multi and AC18 WiFi Router V15.03.05.19multi were discovered to contain a buffer overflow via the filePath parameter at /goform/expandDlnaFile...
CVE-2021-30048
Directory Traversal in the fileDownload function in com/java2nb/common/controller/FileController.java in Novel-plus 小说精品屋-plus 3.5.1 allows attackers to read arbitrary files via the filePath parameter...
CVE-2020-36380
An issue was discovered in the crunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters...
CVE-2024-53636
An arbitrary file upload vulnerability via writefile.php of Serosoft Academia Student Information System SIS EagleR-1.0.118 allows attackers to execute arbitrary code via ../ in the filePath parameter...
CVE-2024-33383
Arbitrary File Read vulnerability in novel-plus 4.3.0 and before allows a remote attacker to obtain sensitive information via a crafted GET request using the filePath parameter...
CVE-2024-33383
Arbitrary File Read vulnerability in novel-plus 4.3.0 and before allows a remote attacker to obtain sensitive information via a crafted GET request using the filePath parameter...