
707 matches found

CNNVD
added 2026/01/09 12:0 a.m., 1 view

D-Link DI-8200G command injection vulnerability

The D-Link DI-8200G is an enterprise router from China-based AUO D-Link. The D-Link DI-8200G suffers from a command injection vulnerability due to manipulation of a path parameter in an unknown function in the /upgrade_filter.asp file. An attacker could exploit this vulnerability to execute...

CVSS 9.8, AI score 6.8, EPSS 0.00194
Exploits 1, References 6

Cvelist
added 2026/01/08 11:32 p.m., 23 views

CVE-2026-0732 D-Link DI-8200G upgrade_filter.asp command injection

A vulnerability was found in D-Link DI-8200G 17.12.20A1. This affects an unknown function of the file /upgrade_filter.asp. The manipulation of the argument path results in command injection. The attack may be performed from remote. The exploit has been made public and could be used...

CVSS 6.5, EPSS 0.00194
Exploits 1, References 6

RedhatCVE
added 2026/01/07 9:29 a.m., 5 views

CVE-2019-12507

An XSS vulnerability exists in PHPRelativePath (aka Relative Path) through 1.0.2 via the RelativePath.Example1.php path parameter...

CVSS 6.1, AI score 6.1, EPSS 0.0024
Exploits 0, References 1

RedhatCVE
added 2026/01/07 9:15 a.m., 2 views

CVE-2026-0604

The FastDup – Fastest WordPress Migration & Duplicator plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.7 via the 'dir_path' parameter in the 'njt-fastdup/v1/template/directory-tree' REST API endpoint. This makes it possible for authenticated attackers,...

CVSS 6.5, AI score 5.9, EPSS 0.0006
Exploits 0, References 1

Patchstack
added 2026/01/06 6:18 a.m., 3 views

WordPress FastDup plugin <= 2.7 - Authenticated (Contributor+) Path Traversal via 'dir_path' REST Parameter vulnerability

Authenticated (Contributor+) Path Traversal via 'dir_path' REST Parameter vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin FastDup versions <= 2.7...

CVSS 6.5, AI score 6.9, EPSS 0.0006
Exploits 0, References 1, Affected Software 1

NVD
added 2026/01/06 4:15 a.m., 3 views

CVE-2026-0604

The FastDup – Fastest WordPress Migration & Duplicator plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.7 via the 'dir_path' parameter in the 'njt-fastdup/v1/template/directory-tree' REST API endpoint. This makes it possible for authenticated attackers,...

CVSS 6.5, EPSS 0.0006
Exploits 0, References 4

NVD
added 2026/01/02 5:15 p.m., 2 views

CVE-2025-34171

CasaOS versions up to and including 0.4.15 expose multiple unauthenticated endpoints that allow remote attackers to retrieve sensitive configuration files and system debug information. The /v1/users/image endpoint can be abused with a user-controlled path parameter to access files under...

CVSS 6.9, EPSS 0.00053
Exploits 0, References 3

CNNVD
added 2026/01/02 12:0 a.m., 2 views

carRental path traversal vulnerability

carRental is a car rental software from carRental, Inc. A path traversal vulnerability exists in carRental, which stems from a misuse of the parameter path in file/file/downloadShowFile.action, which could lead to a path traversal attack...

CVSS 7.5, AI score 5.4, EPSS 0.00224
Exploits 1, References 5

Positive Technologies
added 2026/01/02 12:0 a.m., 3 views

PT-2026-1178

Name of the Vulnerable Software and Affected Versions: CasaOS versions up to and including 0.4.15. Description: CasaOS versions up to and including 0.4.15 have unauthenticated endpoints that allow remote attackers to retrieve sensitive configuration files and system debug information. The...

CVSS 6.9, AI score 6.2, EPSS 0.00053
Exploits 0, References 6

EUVD
added 2025/12/30 6:30 p.m., 2 views

EUVD-2025-205834

A NULL pointer dereference in the src/path.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the search_path parameter...

AI score 6.2, EPSS 0.0006
Exploits 2, References 6

NVD
added 2025/12/30 6:15 p.m., 2 views

CVE-2025-65411

A NULL pointer dereference in the src/path.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the search_path parameter...

CVSS 7.5, EPSS 0.0006
Exploits 2, References 5

CVE
added 2025/12/30 12:0 a.m., 21 views

CVE-2025-65411

CVE-2025-65411 affects GNU Unrtf v0.21.10. A NULL pointer dereference in the src/path.c component can cause a Denial of Service when a crafted payload is injected into the search_path parameter. The connected documents confirm the vulnerability but do not provide concrete exploit details beyond t...

CVSS 7.5, AI score 6.3, EPSS 0.0006
Exploits 2, References 5, Affected Software 1

AlpineLinux
added 2025/12/30 12:0 a.m., 3 views

CVE-2025-65411

A NULL pointer dereference in the src/path.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the search_path parameter...

CVSS 7.5, AI score 6.8, EPSS 0.0006
Exploits 2, References 5

NVD
added 2025/12/24 8:15 p.m., 4 views

CVE-2018-25144

Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-editor.sh script that allows authenticated attackers to read, modify, or delete arbitrary files. Attackers can exploit unsanitized 'path', 'savefile', 'edit', and 'delfile' parameters to perform...

CVSS 9.8, EPSS 0.00154
Exploits 2, References 3

CVE
added 2025/12/24 7:27 p.m., 9 views

CVE-2018-25144

The CVE-2018-25144 issue affects Microhard Systems IPn4G 1.1.0. A vulnerability in the hidden system-editor.sh script allows authenticated attackers to read, modify, or delete arbitrary files by abusing unsanitized parameters (path, savefile, edit, delfile) via GET/POST requests. Exploitation det...

CVSS 9.8, AI score 6.7, EPSS 0.00154
Exploits 2, References 3, Affected Software 1

Snyk
added 2025/12/23 11:54 p.m., 1 view

Server-side Request Forgery (SSRF)

Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the path parameter when an absolute URL is provided, causing the baseuri to be ignored. An attacker can cause sensitive credentials such as API keys to be sent to unintended third-party hosts or forc...

CVSS 8.8, AI score 6.4, EPSS 0.00068
Exploits 1, References 2

Github Security Blog
added 2025/12/19 10:53 p.m., 8 views

External Control of File Name or Path in Langflow

Vulnerability Overview: If an arbitrary path is specified in the request body's fspath, the server serializes the Flow object into JSON and creates/overwrites a file at that path. There is no path restriction, normalization, or allowed directory enforcement, so absolute paths (e.g., /etc/poc.txt) ar...

CVSS 7.1, AI score 7, EPSS 0.00034
Exploits 1, References 4, Affected Software 1

NVD
added 2025/12/11 4:16 p.m., 1 view

CVE-2025-55307

An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. Opening a malicious PDF containing a crafted JavaScript call to search.query with a crafted cDIPath parameter (e.g., "/") may cause an out-of-bounds read in internal path-parsing logic, potentially leadi...

CVSS 3.3, EPSS 0.00017
Exploits 0, References 1

Positive Technologies
added 2025/12/11 12:0 a.m., 2 views

PT-2025-50615

Name of the Vulnerable Software and Affected Versions: Foxit PDF and Editor versions prior to 13.2; Foxit PDF and Editor 2025 versions prior to 2025.2. Description: An issue exists in Foxit PDF and Editor that may lead to information disclosure or memory corruption. This can occur when opening a...

CVSS 3.3, AI score 7.3, EPSS 0.00017
Exploits 0, References 6

Vulnrichment
added 2025/12/10 9:3 p.m., 1 view

CVE-2020-36899 QiHang Media Web Digital Signage 3.0.9 Unauthenticated Arbitrary File Disclosure

QiHang Media Web Digital Signage 3.0.9 contains an unauthenticated file disclosure vulnerability that allows remote attackers to access sensitive files through unverified 'filename' and 'path' parameters. Attackers can exploit the QH.aspx endpoint to read arbitrary files and directory contents...

CVSS 8.7, AI score 6.6, EPSS 0.00367
Exploits 1, References 4