Filemanager is vulnerable to Relative Path Traversal through filemanager.php
An issue in Filemanager v2.5.0 and below allows attackers to execute a directory traversal via sending a crafted HTTP request to the filemanager.php endpoint...
CVE-2025-46002
An issue in Filemanager v2.5.0 and below allows attackers to execute a directory traversal via sending a crafted HTTP request to the filemanager.php endpoint...
CVE-2024-32124
CVE-2024-32124 affects Fortinet FortiIsolator, specifically affected versions 2.3 through 2.4.4. The root cause is an improper access control in the logging component, which may allow a remote authenticated read-only attacker to alter logs by sending a crafted HTTP request. Documented impact is l...
CVE-2025-7673
A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50ABOM.5C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP...
PT-2025-30042 · Unknown · File Manager
Name of the Vulnerable Software and Affected Versions: Filemanager versions 2.5.0 and below Description: An issue allows attackers to execute a directory traversal via sending a crafted HTTP request to the filemanager.php endpoint. Recommendations: Filemanager versions prior to 2.5.0: At the...
CVE-2025-46002
CVE-2025-46002 affects Filemanager v2.5.0 and below, where a directory traversal can be triggered by crafting requests to the filemanager.php endpoint. The vulnerability is confirmed across multiple sources (Red Hat, GitHub advisories, Snyk) and centers on improper path handling in fileman...
Ubuntu: Security Advisory (USN-7643-1)
The remote host is missing an update for the...
aiohttp < 3.12.14 HTTP Request Smuggling Vulnerability - Linux
aiohttp is prone to an HTTP request smuggling vulnerability.
CVE-2025-7762
A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07.26A1. This issue affects some unknown processing of the file /menu_nat_more.asp of the component HTTP Request Handler. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotel...
CVE-2025-7762
CVE-2025-7762 affects D-Link DI-8100 (16.07.26A1). The flaw is in the HTTP Request Handler's /menu_nat_more.asp processing, where input length is not properly validated, causing a stack-based buffer overflow. It can be triggered remotely and the exploit has been publicly disclosed. Multiple sourc...
CVE-2025-7762 D-Link DI-8100 HTTP Request menu_nat_more.asp stack-based overflow
A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07.26A1. This issue affects some unknown processing of the file /menu_nat_more.asp of the component HTTP Request Handler. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotel...
USN-7645-1 php7.0, php7.2 vulnerabilities
It was discovered that PHP incorrectly parsed certain HTTP response headers. An attacker could possibly use this issue to cause incorrect MIME type parsing which could result in unexpected behavior. (CVE-2025-1217) It was discovered that PHP did not properly validate certain HTTP headers. An attack...
aiohttp < 3.12.14 HTTP Request Smuggling Vulnerability - Windows
aiohttp is prone to an HTTP request smuggling vulnerability.
CVE-2025-7603
A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been classified as critical. Affected is an unknown function of the file /jingx.asp of the component HTTP Request Handler. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploi...
CVE-2025-7602
A vulnerability was found in D-Link DI-8100 16.07.26A1 and classified as critical. This issue affects some unknown processing of the file /arpsys.asp of the component HTTP Request Handler. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has...