14 matches found
Malicious code in triage-bot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ef2bb10931626a345e1277463f9c2ec6ca36108c2d6131c9210707ea5692a64 package.json declares preinstall: node index.js, so the payload runs automatically on npm install with no user action. index.js requires os, fs, and...
PT-2026-41550
Simple Fields 0.2 through 0.3.5 WordPress Plugin contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting null bytes into the wp abspath parameter on PHP versions before 5.3.4. Attackers can supply malicious wp abspath values to simp...
CVE-2020-37214
Voyager 1.3.0 contains a directory traversal vulnerability that allows attackers to access sensitive system files by manipulating the asset path parameter. Attackers can exploit the path parameter in /admin/voyager-assets to read arbitrary files like /etc/passwd and .env configuration files...
EUVD-2024-55345
APC Network Management Card 4 contains a path traversal vulnerability that allows unauthenticated attackers to access sensitive system files by manipulating URL parameters. Attackers can exploit directory traversal techniques to read critical system files like /etc/passwd by using encoded path...
CVE-2025-9556
Langchaingo supports the use of jinja2 syntax when parsing prompts, which is in turn parsed using the gonja library v1.5.3. Gonja supports include and extends syntax to read files, which leads to a server side template injection vulnerability within langchaingo, allowing an attacker to insert a...
CVE-2025-9556 CVE-2025-9556
Langchaingo supports the use of jinja2 syntax when parsing prompts, which is in turn parsed using the gonja library v1.5.3. Gonja supports include and extends syntax to read files, which leads to a server side template injection vulnerability within langchaingo, allowing an attacker to insert a...
CVE-2009-10005 ContentKeeper Web Appliance < 125.10 Arbitrary File Access via mimencode
ContentKeeper Web Appliance now maintained by Impero Software versions prior to 125.10 expose the mimencode binary via a CGI endpoint, allowing unauthenticated attackers to retrieve arbitrary files from the filesystem. By crafting a POST request to /cgi-bin/ck/mimencode with traversal and output...
CVE-2025-4437
CVE-2025-4437 affects CRI-O (container runtime); Fedora advisories indicate cri-o1.33 up to version 1.33.5 fixes. The vulnerability arises when container runs with securityContext.runAsUser set to a non-existent user, causing CRI-O to read /etc/passwd into memory and potentially trigger memory ex...
CVE-2024-28753
RaspAP aka raspap-webgui through 3.0.9 allows remote attackers to read the /etc/passwd file via a crafted request...
PT-2024-22561 · Raspap · Raspap
Name of the Vulnerable Software and Affected Versions: RaspAP aka raspap-webgui versions 3.0.9 and earlier Description: The issue allows remote attackers to read the /etc/passwd file via a crafted request. Recommendations: For RaspAP aka raspap-webgui versions 3.0.9 and earlier, update to a versi...
Linux/ARM64 - Read /etc/passwd Shellcode (120 Bytes)
/ Title: Linux/ARM64 - Read /etc/passwd Shellcode 120 Bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu Xenial Xerus development...
CVE-2018-19326
Zyxel VMG1312-B10D devices before 5.13AAXA.8C0 allow ../ Directory Traversal, as demonstrated by reading /etc/passwd...
Linux/x86-64 - Read /etc/passwd + Write To /tmp/outfile Shellcode (105 bytes)
; =================================================================== ; Optimized version of shellcode at: ; http://shell-storm.org/shellcode/files/shellcode-867.php ; Author: SLAE64-1351 Keyman ; Date: 14/09/2014 ; ; Length: 105 bytes got shorter by 13 bytes ; ; What's new is that some...
Linux/x86-64 - Read /etc/passwd Shellcode (65 bytes)
/ --------------------------------------------------------------------------------------------------- Linux/x8664 - Read /etc/passwd - 65 bytes Ajith Kp @ajithkp560 http://www.terminalcoders.blogspot.com Om Asato Maa Sad-Gamaya | Tamaso Maa Jyotir-Gamaya | Mrtyor-Maa Amrtam Gamaya | Om Shaantih...