1092 matches found
CVE-2025-13161 IQ Service International|IQ-Support - Arbitrary File Read
IQ-Support developed by IQ Service International has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...
IQ Service IQ-Support 安全漏洞
IQ Service IQ-Support is an intelligent customer service system from IQ Service, Inc. of Taiwan, China. A security vulnerability exists in IQ Service IQ-Support that originates from relative path traversal and could allow an unauthenticated, remote attacker to download arbitrary system files...
Relative Path Traversal
Overview privatebin/privatebin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Affected versions of this package are vulnerable to Relative Path Traversal via the template-switching feature when templateselection is enabled in the configuration. An...
Important: tomcat9
Issue Overview: Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could...
CVE-2025-58463
A relative path traversal vulnerability has been reported to affect Download Station. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following...
CVE-2025-58464
A relative path traversal vulnerability has been reported to affect QuMagie. If a remote attacker, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: QuMagie 2.7.3 and later...
EUVD-2025-38269
A relative path traversal vulnerability has been reported to affect Download Station. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following...
CVE-2025-58464
A relative path traversal vulnerability has been reported to affect QuMagie. If a remote attacker, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: QuMagie 2.7.3 and later...
CVE-2025-58464
A relative path traversal vulnerability has been reported to affect QuMagie. If a remote attacker, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: QuMagie 2.7.3 and later...
CVE-2025-58464 QuMagie
A relative path traversal vulnerability has been reported to affect QuMagie. If a remote attacker, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: QuMagie 2.7.3 and later...
CVE-2025-58464
Summary: CVE-2025-58464 affects QuMagie with a relative path traversal vulnerability. Multiple sources (NVD, Red Hat, ENISA EUVD) describe a flaw that could allow a remote attacker to read contents of unexpected files or system data. Affected software: QuMagie (prior to version 2.7.3). Vulnerabil...
OESA-2025-2630 tomcat security update
The Apache Tomcat software is developed in an open and participatory environment and released under the Apache License version 2. The Apache Tomcat project is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open developmen...
PT-2025-45436
Name of the Vulnerable Software and Affected Versions QuMagie versions prior to 2.7.3 Description A relative path traversal issue exists in QuMagie. A remote attacker may be able to read the contents of unexpected files or system data by exploiting this issue. Recommendations Update to QuMagie...
QNAP Download Station 安全漏洞
QNAP Download Station is a web-based download tool from Taiwan, China-based QNAP Technology QNAP. A security vulnerability exists in QNAP Download Station, which originates from relative path traversal and could result in reading unexpected files or system data...
QNAP Systems QuMagie 安全漏洞
QNAP Systems QuMagie is a QTS photo management application from China Weilian Technology QNAP Systems. A security vulnerability exists in QNAP Systems QuMagie versions prior to 2.7.3 that stems from a relative path traversal issue that could result in reading unexpected files or system data...
Dell Secure Connect Gateway 安全漏洞
Dell Secure Connect Gateway is an enterprise-grade secure connectivity gateway appliance from Dell that is used to monitor hardware status, automate the creation of support requests, and securely communicate to safeguard device connectivity to Dell backend services. A relative path traversal...
Relative Path Traversal
Overview org.apache.tomcat.embed:tomcat-embed-core is a Core Tomcat implementation. Affected versions of this package are vulnerable to Relative Path Traversal via the URL normalization. An attacker can bypass security constraints and access restricted directories such as /WEB-INF/ and /META-INF/...
Apache Tomcat Vulnerable to Relative Path Traversal
The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the...
GHSA-WMWF-9CCG-FFF5 Apache Tomcat Vulnerable to Relative Path Traversal
The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the...
UBUNTU-CVE-2025-55752
Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the...