7 matches found
CVE-2026-44220
ciguard (static security auditor for CI/CD) has a symlink-following flaw in discover_pipeline_files() (src/ciguard/discovery.py) that can cause discovery to traverse into symlink targets outside the requested root. Documented in CVE-2026-44220 and GHSA advisories, the vulnerability affects versio...
PT-2025-50514
Eibiz i-Media Server Digital Signage 3.8.0 contains a directory traversal vulnerability that allows unauthenticated remote attackers to access files outside the server's root directory. Attackers can exploit the 'oldfile' GET parameter to view sensitive configuration files like web.xml and system...
CVE-2021-4459
CVE-2021-4459 is a directory traversal vulnerability in SMA Sunny Boy inverters. The issue allows an authenticated remote attacker to access files/directories outside the web root, potentially exposing sensitive system information on affected Sunny Boy devices. The CVE is described with the title...
CVE-2023-0126
Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an unauthenticated attacker to access arbitrary files and directories stored outside the web root directory...
Mattermost Injection Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a security vulnerability that stems from an inability to validate the route parameter in //channels/. An attacker exploiting this vulnerability could access files and directorie...
FastCMS θ·―εΎιεζΌζ΄
FastCMS is a content management system from FastCMS, Inc. FastCMS suffers from a path traversal vulnerability. An attacker can use this vulnerability to access files and directories stored outside of the web root folder...
CVE-2017-6510
Easy File Sharing FTP Server version 3.6 is vulnerable to a directory traversal vulnerability which allows an attacker to list and download any file from any folder outside the FTP root Directory...