CVE-2025-47220

A local file enumeration was found in Keyfactor SignServer versions prior to 7.3.2 .The property VISIBLESIGNATURECUSTOMIMAGEPATH, which exists in the PDFSigner and the PAdESSigner, can be set to any path without any restrictions by an admin user. In the case that the provided path points to an...

EUVD-2009-0674

Malware in sbrugna...

EUVD-2021-2086

Malware in sbrugna...

CVE-2019-14671

Firefly III 4.7.17.3 is vulnerable to local file enumeration. An attacker can enumerate local files due to the lack of protocol scheme sanitization, such as for file:/// URLs. This is related to fintsurl to import/job/configuration, and import/create/fints...

Reflected xss in installation space parameter

Description Cross-Site Scripting XSS is a type of security vulnerability that occurs when an attacker injects malicious code, usually in the form of scripts, into a web application. This code is then executed by unsuspecting users who visit the affected web page. in this case the path of...

CVE-2022-36081 Wikmd vulnerable to Local File Enumeration when accessing /list

Wikmd is a file based wiki that uses markdown. Prior to version 1.7.1, Wikmd is vulnerable to path traversal when accessing /list/ and discloses lists of files located on the server including sensitive data. Version 1.7.1 fixes this issue...

CVE-2022-36081 Wikmd vulnerable to Local File Enumeration when accessing /list

Wikmd is a file based wiki that uses markdown. Prior to version 1.7.1, Wikmd is vulnerable to path traversal when accessing /list/ and discloses lists of files located on the server including sensitive data. Version 1.7.1 fixes this issue...

CVE-2022-0779

The User Meta WordPress plugin before 2.4.4 does not validate the filepath parameter of its umshowuploadedfile AJAX action, which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads...

CVE-2022-0779 User Meta < 2.4.4 - Subscriber+ Local File Enumeration via Path Traversal

The User Meta WordPress plugin before 2.4.4 does not validate the filepath parameter of its umshowuploadedfile AJAX action, which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads...

WordPress plugin User Meta Manager 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The WordPress plugin is an application plugin. A path traversal vulnerability exists in versions of the WordPress User Meta Manager plugin prior to...

User Meta < 2.4.4 - Subscriber+ Local File Enumeration via Path Traversal

The plugin does not validate the filepath parameter of its umshowuploadedfile AJAX action, which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads As a subscriber, submit a dummy image on a page/post with a File Upload...

WordPress User Meta plugin <= 2.4.3 - Local File Enumeration via Path Traversal vulnerability

Local File Enumeration via Path Traversal vulnerability discovered by Julien Ahrens in WordPress User Meta plugin versions = 2.4.3. Solution Update the WordPress User Meta plugin to the latest available version at least 2.4.4...

GHSA-JJCX-999M-35HC Improper Input Validation in Firefly III

Firefly III 4.7.17.3 is vulnerable to local file enumeration. An attacker can enumerate local files due to the lack of protocol scheme sanitization, such as for file:/// URLs. This is related to fintsurl to import/job/configuration, and import/create/fints...

Improper Input Validation in Firefly III

Firefly III 4.7.17.3 is vulnerable to local file enumeration. An attacker can enumerate local files due to the lack of protocol scheme sanitization, such as for file:/// URLs. This is related to fintsurl to import/job/configuration, and import/create/fints...

CVE-2019-14671

Firefly III 4.7.17.3 is vulnerable to local file enumeration. An attacker can enumerate local files due to the lack of protocol scheme sanitization, such as for file:/// URLs. This is related to fintsurl to import/job/configuration, and import/create/fints...

CVE-2019-14671

Firefly III 4.7.17.3 is vulnerable to local file enumeration. An attacker can enumerate local files due to the lack of protocol scheme sanitization, such as for file:/// URLs. This is related to fintsurl to import/job/configuration, and import/create/fints...

Design/Logic Flaw

Firefly III 4.7.17.3 is vulnerable to local file enumeration. An attacker can enumerate local files due to the lack of protocol scheme sanitization, such as for file:/// URLs. This is related to fintsurl to import/job/configuration, and import/create/fints...

CVE-2019-14671

Firefly III 4.7.17.3 is vulnerable to local file enumeration due to insufficient sanitization of protocol schemes, notably file:/// URLs, related to the fints_url used in import/job/configuration and import/create/fints. This affects the ability of an attacker to enumerate local files. The connec...

CVE-2019-14671

Firefly III 4.7.17.3 is vulnerable to local file enumeration. An attacker can enumerate local files due to the lack of protocol scheme sanitization, such as for file:/// URLs. This is related to fintsurl to import/job/configuration, and import/create/fints...

Microsoft Internet Explorer 5 JavaScript Local File Enumeration Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/3779/info Microsoft Internet Explorer is prone to a vulnerability which may disclose sensitive information to a malicious webmaster. When script code includes a file outside of the document it is embedded in and the file...