CVE-2018-25374

Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the path parameter. Attackers can send requests to nocache.php with encoded backslash sequences to traverse directories and acce...

CVE-2018-25374

Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the path parameter. Attackers can send requests to nocache.php with encoded backslash sequences to traverse directories and acce...

CVE-2018-25374

CVE-2018-25374 affects Softneta MedDream PACS Server Premium 6.7.1.1. A directory-traversal vulnerability allows unauthenticated attackers to read arbitrary files by manipulating the path parameter, using requests to nocache.php with encoded backslash sequences. This can expose sensitive files in...

CVE-2018-25374 Softneta MedDream PACS Server Premium 6.7.1.1 Directory Traversal

Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the path parameter. Attackers can send requests to nocache.php with encoded backslash sequences to traverse directories and acce...

CVE-2018-25374 Softneta MedDream PACS Server Premium 6.7.1.1 Directory Traversal

Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the path parameter. Attackers can send requests to nocache.php with encoded backslash sequences to traverse directories and acce...

EUVD-2018-21897

Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the path parameter. Attackers can send requests to nocache.php with encoded backslash sequences to traverse directories and acce...

PT-2026-43226

Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the path parameter. Attackers can send requests to nocache.php with encoded backslash sequences to traverse directories and acce...

OESA-2026-1849 dovecot security update

Dovecot is an IMAP server for Linux/UNIX-like systemsa wrapper package that will just handle common things for all versioned dovecot packages. Security Fixes: Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can u...

CVE-2022-50932

Kyocera Command Center RX ECOSYS M2035dn contains a directory traversal vulnerability that allows unauthenticated attackers to read sensitive system files by manipulating file paths under the /js/ path. Attackers can exploit the issue by sending requests like /js/../../../../.../etc/passwd%00.jpg...

EUVD-2021-19372

Malware in sbrugna...

EUVD-1999-0497

Malware in sbrugna...

CVE-2025-41240

Three Bitnami Helm charts mount Kubernetes Secrets under a predictable path /opt/bitnami//secrets that is located within the web server document root. In affected versions, this can lead to unauthenticated access to sensitive credentials via HTTP/S. A remote attacker could retrieve these secrets ...

Tinasoft EasyCafe Server 安全漏洞

Tinasoft EasyCafe Server is a billing server-side software for coffee, internet cafes, etc. from Tinasoft Vietnam. A security vulnerability exists in Tinasoft EasyCafe Server version 2.2.14, which originates from a remote file disclosure and could result in reading sensitive information such as...

CVE-2025-52363

Tenda CP3 Pro Firmware V22.5.4.93 contains a hardcoded root password hash in the /etc/passwd file and /etc/passwd-. An attacker with access to the firmware image can extract and attempt to crack the root password hash, potentially obtaining administrative access...

shadow-utils bug fix update

An update is available for shadow-utils. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The shadow-utils packages include programs for converting UNIX password...

CAREL Boss-Mini

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : CAREL Equipment : Boss-Mini Vulnerability : Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

Low: Red Hat Security Advisory: shadow-utils security update

An update for shadow-utils is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVE-2024-27279

Directory traversal vulnerability exists in a-blog cms Ver.3.1.x series Ver.3.1.9 and earlier, Ver.3.0.x series Ver.3.0.30 and earlier, Ver.2.11.x series Ver.2.11.59 and earlier, Ver.2.10.x series Ver.2.10.51 and earlier, and Ver.2.9 and earlier versions. If this vulnerability is exploited, a use...

CVE-2024-27279

CVE-2024-27279 describes a directory traversal vulnerability in a-blog cms affecting multiple release branches: 3.1.x (up to 3.1.9), 3.0.x (up to 3.0.30), 2.11.x (up to 2.11.59), 2.10.x (up to 2.10.51), and 2.9 and earlier. A user with editor or higher privileges who can log in may obtain arbitra...

CVE-2024-27279

Directory traversal vulnerability exists in a-blog cms Ver.3.1.x series Ver.3.1.9 and earlier, Ver.3.0.x series Ver.3.0.30 and earlier, Ver.2.11.x series Ver.2.11.59 and earlier, Ver.2.10.x series Ver.2.10.51 and earlier, and Ver.2.9 and earlier versions. If this vulnerability is exploited, a use...