959 matches found
CVE-2026-22102 Arbitrary file overwrite through certificate update functionality
A POST request sent to a specific webserver endpoint can be used to write to arbitrary file locations. The endpoint accepts the filename parameter in the Content-Disposition header without verification. This can be used to cause a denial of service by overwriting system files, or...
Movies <= 0.6 - Cross-Site Scripting
A cross-site scripting vulnerability in the Movies plugin 0.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php. id: CVE-2014-4539 info: name: Movies = 0.6 - Cross-Site Scripting author: daffainfo...
CVE-2026-26396
OpenBMB XAgent v1.0.0 and earlier are affected by a path traversal in the file() function within XAgent/XAgentServer/application/routers/workspace.py. The input parameter filename is user-controllable and concatenated into the file path without proper validation, enabling potential disclosure of ...
CVE-2026-26396
OpenBMB XAgent v1.0.0 and before is vulnerable to path traversal in the file function in XAgent/XAgentServer/application/routers/workspace.py. The input parameter “filename” is user-controllable and is concatenated into the file path to be read without proper validation, leading to a directory...
CVE-2026-55474 Snipe-IT: Directory traversal in displaySig
Snipe-IT is an IT asset/license management system. Prior to 8.5.0, ActionlogController::displaySig concatenates the route filename parameter into a private upload-directory path without sanitization, allowing an authenticated attacker to traverse outside the intended directory and read arbitrary...
PT-2026-54832
Name of the Vulnerable Software and Affected Versions MCO version 25.3.3.1 Description The software contains flaws in file handling functionality used for data export and upload. Improper validation of the filename parameter enables path traversal, allowing files to be written to arbitrary...
CVE-2026-39899
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal via filename parameter in packageimport.php. This issue has been fixed in version 1.2.31...
DEBIAN-CVE-2026-39899
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal via filename parameter in packageimport.php. This issue has been fixed in version 1.2.31...
UBUNTU-CVE-2026-39899
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal via filename parameter in packageimport.php. This issue has been fixed in version 1.2.31...
CVE-2026-39899
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal via filename parameter in packageimport.php. This issue has been fixed in version 1.2.31...
CVE-2026-39899
Cacti (versions ≤ 1.2.30) is vulnerable to a path traversal flaw via the filename parameter in package_import.php. The issue has been fixed in 1.2.31 . Exploitation details, impact metrics, and confirmed exploit code are not provided beyond this description in the linked sources. If affected, upg...
CVE-2026-39899 Cacti: Path Traversal via filename parameter in package_import.php
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal via filename parameter in packageimport.php. This issue has been fixed in version 1.2.31...
CVE-2026-39899
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal via filename parameter in packageimport.php. This issue has been fixed in version 1.2.31...
CVE-2026-31978
motionEye mEye is an online interface for motion software, which is a video surveillance program with motion detection. Versions prior to 0.44.0 are vulnerable to path traversal in the picture and movie API endpoints, suhc as /picture/id/preview/filename. Neither the API handlers, nor the...
EUVD-2026-38804
motionEye mEye is an online interface for a piece of software called "motion," which is a video surveillance program with motion detection. Versions prior to 0.44.0 contain an absolute path traversal vulnerability in multiple media file handlers that allows an attacker to read arbitrary files fro...
CVE-2026-53537
Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, parseoptionsheader parsed Content-Disposition and Content-Type headers with email.message.Message, which transparently applies RFC 2231/5987 decoding. The extended parameter syntax filename=charset'lang'value, name=...,...
python-multipart: Content-Disposition parameter smuggling via RFC 2231/5987 extended parameters
Summary parseoptionsheader parsed Content-Disposition and Content-Type headers with email.message.Message, which transparently applies RFC 2231/5987 decoding. The extended parameter syntax filename=charset'lang'value, name=..., and the filename0/filename1 continuation form is decoded and surfaced...
CVE-2026-9506
This vulnerability exists in Bagisto due to improper validation of user-supplied input in the ImageCacheController component. An unauthenticated remote attacker could exploit this vulnerability by sending crafted path traversal sequences through the filename parameter to access arbitrary files...
CVE-2026-9506
The CVE-2026-9506 issue affects Bagisto in the ImageCacheController where improper validation of user-supplied input enables path traversal via the filename parameter. This unauthenticated remote attacker could read arbitrary sensitive files outside the intended directory, as stated in the connec...
EUVD-2026-35036
This vulnerability exists in Bagisto due to improper validation of user-supplied input in the ImageCacheController component. An unauthenticated remote attacker could exploit this vulnerability by sending crafted path traversal sequences through the filename parameter to access arbitrary files...