38 matches found
CVE-2025-66599
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Physical paths could be displayed on web pages. This information could be exploited by an attacker for other attacks. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN, UNSVRN,...
CVE-2025-66599
CVE-2025-66599 affects Yokogawa FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) from R9.01 through R10.04. The issue is that physical paths could be displayed on web pages, which could be exploited for other attacks (no exploit details provided). CVSS v4 base score is 6.9 (NETWORK ac...
EUVD-2001-0276
Malware in sbrugna...
EUVD-2020-14128
Malware in sbrugna...
CVE-2020-21356
An information disclosure vulnerability in upload.php of PopojiCMS 1.2 leads to physical path disclosure of the host when 'name = "file" is deleted during file uploads...
Information disclosure
An information disclosure vulnerability in upload.php of PopojiCMS 1.2 leads to physical path disclosure of the host when 'name = "file" is deleted during file uploads...
CVE-2020-21356
An information disclosure vulnerability in upload.php of PopojiCMS 1.2 leads to physical path disclosure of the host when 'name = "file" is deleted during file uploads...
Dhcms Information Disclosure Vulnerability
DhCms Dinghua Cloud CMS is a content management system based on PHP and MySQL. A security vulnerability exists in Dhcms 2017-09-18. The vulnerability stems from the fact that the program can disclose physical paths. No detailed vulnerability details are provided at this time...
DhCms 输入验证错误漏洞
DhCms Dinghua Cloud CMS is a content management system based on PHP and MySQL. A security vulnerability exists in Dhcms 2017-09-18. The vulnerability stems from the fact that the program can disclose physical paths. No detailed vulnerability details are provided at this time...
CMS Made Simple Physical Path Disclosure Vulnerability (CNVD-2018-09058)
CMS Made Simple CMSMS is an open source content management system CMS developed by the CMSMS team. The system supports role-based rights management system , wizard-based installation and update mechanism , intelligent caching mechanism and so on. A security vulnerability exists in CMSMS 2.2.7 and...
idreamsoft iCMS Physical Path Disclosure Vulnerability
iCMS is an efficient and simple content management system built with PHP and MySQL. A physical path leak vulnerability exists in idreamsoft iCMS version 7.0.7 and lower. An attacker can obtain the physical path by displaying an invalid nickname field in the core/library/weixin.class.php pathname...
dsmall Physical Path Disclosure Vulnerability
dsmall is a multi-user platform-level online shopping mall system. A security vulnerability exists in dsmall version 20180320. An attacker can exploit the vulnerability by sending public/index.php/home/predeposit/index.html?pdrsn=request to obtain a physical path...
Z-BlogPHP Website Physical Path Disclosure Vulnerability
Z-BlogPHP is an open source PHP-based blogging system developed by the Z-Blog community. A security vulnerability exists in Z-BlogPHP version 1.5.1.1740. An attacker can exploit the vulnerability to obtain a physical path...
wordpress plugin FancyBox admin-head.php physical path disclosure vulnerability
No description provided by source...
PHP3 Physical Path Disclosure via POST Requests
The version of PHP3 running on the remote host will reveal the physical path of a given script when sent a HTTP POST request without a content-type header if it is incorrectly configured. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; i...
John Roy Pi3Web 1.0.1 - Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2381/info A buffer overflow vulnerability has been reported in John Roy Pi3Web web server. The ISAPI application within the server fails to properly handle user supplied input. Requesting a specially crafted URL will caus...
DS3 Authentication Server - Multiple Vulnerabilities
No description provided by source. Original: http://www.digitalsec.net/stuff/explt+advs/DS3.AuthServer.txt =============================== - Advisory - =============================== Tittle: DS3 Authentication Server - Command Execution Post Authentication & other minor issues Risk: High Date:...
Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities
No description provided by source. Original: http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt =============================== - Advisory - =============================== Tittle: Imperva SecureSphere Operations Manager - Command Execution Post Authentication & Minor issu...
Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities
Original: http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt =============================== - Advisory - =============================== Tittle: Imperva SecureSphere Operations Manager - Command Execution Post Authentication & Minor issues Risk: High Date: 27.May.2013...
Imperva SecureSphere Operations Manager Command Execution Vulnerability
Imperva SecureSphere Operations Manager version 9.0.0.5 Enterprise Edition suffers from path disclosure, command execution, and arbitrary file upload vulnerabilities. Tittle: Imperva SecureSphere Operations Manager - Command Execution Post Authentication & Minor issues Risk: High Date: 27.May.201...