2 matches found
CVE-2025-0049
When a Web User without Create permission on subfolders attempts to upload a file to a non-existent directory, the error message includes the absolute server path which may allow Fuzzing for application mapping. This issue affects GoAnywhere: before 7.8.0...
PT-2025-1534 · Wp Travel · Wp Travel
Name of the Vulnerable Software and Affected Versions: WP Travel versions prior to 7.8.0 Description: The issue is related to missing authorization in WP Travel, allowing exploitation of incorrectly configured access control security levels. Recommendations: For versions prior to 7.8.0, update to...