649 matches found
CVE-2018-6806
Marked 2 through 2.5.11 allows remote attackers to read arbitrary files via a crafted HTML document that triggers a redirect to an x-marked://preview?text= URL. The value of the text parameter can include arbitrary JavaScript code, e.g., making XMLHttpRequest calls...
CVE-2014-8336
The "Sql Run Query" panel in WP-DBManager aka Database Manager plugin before 2.7.2 for WordPress allows remote attackers to read arbitrary files by leveraging failure to sufficiently limit queries, as demonstrated by use of LOAD_FILE in an INSERT statement...
CVE-2017-16787
The Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote attackers to read arbitrary files by leveraging failure to restrict URL access...
CVE-2017-16759
CVE-2017-16759 affects LibreNMS: the installation process before 2017-08-18 allows remote attackers to read arbitrary files via html/install.php. Multiple connected sources (GitHub security advisory GHSA-4CCX-WJQP-5FWW, OSV, CNVD/CNVD-2017-36362, NVD entry) corroborate an arbitrary file read duri...
CVE-2017-16661
Cacti 1.1.27 allows remote authenticated administrators to read arbitrary files by placing the Log Path into a private directory, and then making a clog.php?filename= request, as demonstrated by filename=passwd with a Log Path under /etc to read /etc/passwd...
UBUNTU-CVE-2017-16248
The Catalyst-Plugin-Static-Simple module before 0.34 for Perl allows remote attackers to read arbitrary files if there is a '.' character anywhere in the pathname, which differs from the intended policy of allowing access only when the filename itself has a '.' character...
CVE-2012-5358
The XSLTCompiledTransform function in Ektron Content Management System CMS before 8.02 SP5 configures the XSL with enableDocumentFunction set to true, which allows remote attackers to read arbitrary files and consequently bypass authentication, modify viewstate, cause a denial of service, or...
A vulnerability in the reportId parameter of the getReportStatus method of Kaspersky Anti-Virus for Linux File Server allows an attacker to read arbitrary files.
The vulnerability in the reportId parameter of the getReportStatus method of Kaspersky Anti-Virus for Linux File Server stems from insufficient protection of service data. Exploiting it allows a remote attacker to read arbitrary files wit...
WordPress ZipArchive and PclZip Component Directory Traversal Vulnerability
WordPress is a blogging platform from the WordPress Software Foundation, written in PHP, that lets users set up a personal blog site on a server running PHP and MySQL. ZipArchive and PclZip are its compression/decompression components. A directory traversal...
Synology Photo Station Directory Traversal Vulnerability (CNVD-2017-27711)
Synology Photo Station is a Synology solution for sharing pictures, videos and blogs over the Internet. A directory traversal vulnerability exists in Synology Photo Station versions prior to 6.7.4-3433 and synphotoio versions prior to 6.3-2968. A remote attacker can exploit the vulnerability to...
batik: XML external entity processing vulnerability
An XXE vulnerability was found in Apache Batik which could allow a remote attacker to retrieve the files on the vulnerable server's filesystem by uploading specially crafted SVG images. The vulnerability could also allow a denial of service condition by performing an amplification attack...
Apache Wink XML External Entity Vulnerability
Apache Wink is a framework from the Apache Software Foundation (US) for building RESTful Web services; it consists of a server module and a client module for developing RESTful Web services. An XML external entity injection vulnerability exists in Apache Wink 1.1.1 and earlier...
VulnCheck KEV: CVE-2017-12637
SAP NetWeaver Application Server AS Java contains a directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS that allows a remote attacker to read arbitrary files via a .. (dot dot) in the query string...
Directory traversal
Directory traversal vulnerability in node/utils/Minify.js in Etherpad 1.1.1 through 1.5.2 allows remote attackers to read arbitrary files by leveraging replacement of backslashes with slashes in the path parameter of HTTP API requests...
Design/Logic Flaw
'/cgi-bin/admin/downloadMedias.cgi' in the web service of most VIVOTEK network cameras is vulnerable: it allows remote attackers to read any file on the camera's Linux filesystem via a crafted HTTP request containing ".." sequences. This vulnerability has been verified on VIVOTEK...
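The traversal entries above share a small set of mechanics: a raw ".." in the path (SAP NetWeaver, VIVOTEK), separators that are normalised after the check instead of before it (Etherpad's backslash-to-slash replacement), and a policy predicate applied to the wrong part of the path (Catalyst-Plugin-Static-Simple's '.' anywhere in the pathname). The following is an added example, not code from any of those projects, showing the flawed Catalyst-style predicate next to the intended one and a containment check that decodes and normalises before resolving; the base directory and probe paths are constructed for illustration.

```python
"""Path-traversal checks for a file-serving handler.

Added example; not code from any project in the listing above. The base
directory and the probe paths are constructed for illustration.
"""
import os
import posixpath
from typing import Dict, Optional
from urllib.parse import unquote


def catalyst_style_static_check(path: str) -> bool:
    """Flawed policy from the Catalyst-Plugin-Static-Simple entry: treat the
    request as a static file if a '.' appears ANYWHERE in the pathname.
    '/site.conf/../../etc/passwd' has a dot in a directory name, so it passes."""
    return "." in path


def filename_has_extension(path: str) -> bool:
    """Intended policy: only the final path component must contain a '.'."""
    return "." in posixpath.basename(path)


def resolve_under(base_dir: str, user_path: str) -> Optional[str]:
    """Map an attacker-controlled path onto base_dir; return None if it escapes.

    Order matters: decode and normalise separators BEFORE the containment
    check. The Etherpad entry did it the other way round (checked first, then
    replaced backslashes with slashes), so '..\\..\\' slipped through.
    """
    decoded = unquote(user_path)               # one decode layer, as the server applies
    if "\x00" in decoded:                      # NUL truncates paths in C-backed file APIs
        return None
    normalised = decoded.replace("\\", "/")    # treat Windows separators as separators
    # realpath collapses '..' and resolves symlinks, so containment is tested on
    # the final filesystem path rather than on the raw request string.
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, normalised.lstrip("/")))
    if candidate == base or candidate.startswith(base + os.sep):
        return candidate
    return None


# Constructed probes covering the patterns in the entries above: {probe: allowed}.
PROBES = {
    "css/app.css": True,                      # legitimate asset
    "../../../etc/passwd": False,             # plain dot-dot (SAP NetWeaver, VIVOTEK)
    "..\\..\\..\\etc\\passwd": False,         # backslash variant (Etherpad)
    "..%2F..%2F..%2Fetc%2Fpasswd": False,     # URL-encoded separators
    "img%00.png/../../../etc/passwd": False,  # NUL-byte truncation attempt
    "/etc/passwd": True,                      # absolute path is re-rooted under base, not honoured
}


def run_probes(base_dir: str = "/srv/app/static") -> Dict[str, bool]:
    """Return {probe: allowed} for each constructed probe."""
    return {p: resolve_under(base_dir, p) is not None for p in PROBES}


if __name__ == "__main__":
    for probe, allowed in run_probes().items():
        print(f"{'ALLOW' if allowed else 'DENY '} {probe!r}")
```

Only one layer of percent-decoding is applied, matching what a typical HTTP server has already done; a double-encoded "%252e%252e" therefore stays a literal directory name under the base, which is the correct outcome as long as nothing downstream decodes it again.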
CVE-2017-9097
In Anti-Web through 3.8.7, as used on NetBiter FGW200 devices through 3.21.2, WS100 devices through 3.30.5, EC150 devices through 1.40.0, WS200 devices through 3.30.4, EC250 devices through 1.40.0, and other products, an LFI vulnerability allows a remote attacker to read or modify files through a...
XXE Vulnerability in the ManageMenu.asmx File of MicroXia Online Learning Platform
MicroXia Online Learning Platform is an online education system based on B/S architecture. An XXE vulnerability exists in the ManageMenu.asmx file of MicroXia Online Learning Platform, which can be exploited by an attacker to remotely read arbitrary files from the server...
XXE Vulnerability in Employee.asmx File of Microxia Online Learning Platform
MicroXia Online Learning Platform is an online education system based on B/S architecture. An XXE vulnerability exists in the Employee.asmx file of MicroXia Online Learning Platform, which can be exploited by an attacker to remotely read arbitrary files on the server...
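The XXE entries above (Apache Batik's SVG upload, Apache Wink, and the two MicroXia .asmx endpoints) all come down to a parser that resolves an entity declared with a SYSTEM or PUBLIC identifier, and the Batik entry also notes the amplification (entity expansion) variant. The following is an added example, not code from any of those projects, that screens an uploaded document with the standard-library expat bindings, resolving nothing, and reports the DTD features it uses; the "no DTD at all" default policy is an assumption suited to an image-upload endpoint, and the sample documents are constructed.

```python
"""Pre-parse screening of uploaded XML/SVG for XXE and entity-expansion tricks.

Added example; not code from Batik, Wink or the MicroXia platform. Uses only
the standard-library expat bindings; the sample documents are constructed.
"""
import xml.parsers.expat
from typing import Dict

# Constructed samples.
PLAIN_SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><rect width="1" height="1"/></svg>'
XXE_SVG = (b'<?xml version="1.0"?>'
           b'<!DOCTYPE svg [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>'
           b'<svg xmlns="http://www.w3.org/2000/svg"><text>&xxe;</text></svg>')
PUBLIC_DTD_SVG = (b'<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" '
                  b'"http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">'
                  b'<svg xmlns="http://www.w3.org/2000/svg"/>')
EXPANSION_SVG = (b'<!DOCTYPE svg [<!ENTITY a "lol"><!ENTITY b "&a;&a;&a;&a;">]>'
                 b'<svg xmlns="http://www.w3.org/2000/svg"><text>&b;</text></svg>')


def classify_xml(data: bytes) -> Dict[str, object]:
    """Parse with expat, resolving nothing, and report the DTD features used."""
    report = {"doctype": False, "internal_entities": 0, "external_ids": []}
    parser = xml.parsers.expat.ParserCreate()
    # Never fetch parameter entities from an external DTD subset.
    parser.SetParamEntityParsing(xml.parsers.expat.XML_PARAM_ENTITY_PARSING_NEVER)

    def on_doctype(name, sysid, pubid, has_internal_subset):
        report["doctype"] = True
        if sysid:                            # external DTD subset: a network fetch in a resolving parser
            report["external_ids"].append(sysid)

    def on_entity_decl(name, is_parameter, value, base, sysid, pubid, notation):
        if sysid:                            # SYSTEM/PUBLIC entity: the classic file:// read
            report["external_ids"].append(sysid)
        else:
            report["internal_entities"] += 1  # internal entities drive expansion attacks

    def on_external_ref(context, base, sysid, pubid):
        return 1                             # report "handled" without opening anything

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity_decl
    parser.ExternalEntityRefHandler = on_external_ref
    parser.Parse(data, True)
    return report


def accept_upload(data: bytes, forbid_dtd: bool = True) -> bool:
    """Policy for an image-upload endpoint (assumed here): no external identifiers
    at all and, by default, no DTD, since an SVG never needs one to render."""
    try:
        report = classify_xml(data)
    except xml.parsers.expat.ExpatError:
        return False                         # malformed input is rejected too
    if report["external_ids"]:
        return False
    if forbid_dtd and report["doctype"]:
        return False
    return True


if __name__ == "__main__":
    for label, doc in [("plain", PLAIN_SVG), ("xxe", XXE_SVG),
                       ("public-dtd", PUBLIC_DTD_SVG), ("expansion", EXPANSION_SVG)]:
        print(label, classify_xml(doc), "accept" if accept_upload(doc) else "reject")
```

Screening is done in the same parser family that will later render the document, so a declaration the screen sees is one the renderer would see; the real fix in each entry above is still to configure the production parser (Batik, Wink, .NET XmlDocument) not to resolve external entities, and this check is a second layer in front of it.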