CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

357 matches found

White Star Software ProTop - Directory Traversal

A directory traversal vulnerability was discovered in White Star Software Protop version 4.4.2-2024-11-27, specifically in the /pt3upd/ endpoint. An unauthenticated attacker can remotely read arbitrary files on the underlying OS using encoded traversal sequences. id: CVE-2025-44177 info: name:...

8.2CVSS7.9AI score0.09273EPSS

Exploits3References4

CNNVD•added 2026/04/21 12:0 a.m.•4 views

CrowdStrike LogScale 安全漏洞

CrowdStrike LogScale is a high-performance log management and analysis platform developed by the CrowdStrike company in the United States. There is a security vulnerability in CrowdStrike LogScale, which stems from an unvalidated path traversal issue in certain cluster API endpoints. This...

9.8CVSS6AI score0.00567EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 12:38 p.m.•3 views

CVE-2023-50449

JFinalCMS 5.0.0 could allow a remote attacker to read files via ../ Directory Traversal in the /common/down/file fileKey parameter...

7.5CVSS6.8AI score0.00123EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 12:12 p.m.•3 views

CVE-2018-9851

In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\TplAction.class.php allows remote attackers to read any file via a modified pathname in an Admin-Tpl request, as demonstrated by use of '|' instead of '/' as a directory separator, in conjunction with a ".." sequence...

7.5CVSS7AI score0.00374EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 12:9 p.m.•4 views

CVE-2018-18778

ACME minihttpd before 1.30 lets remote users read arbitrary files...

6.5CVSS6.9AI score0.93095EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:36 a.m.•4 views

CVE-2024-34523

AChecker 1.5 allows remote attackers to read the contents of arbitrary files via the download.php path parameter by using Unauthenticated Path Traversal. This occurs through readfile in PHP. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

7.5CVSS7.1AI score0.00173EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:42 a.m.•5 views

CVE-1999-0917

The Preloader ActiveX control used by Internet Explorer allows remote attackers to read arbitrary files...

5.1CVSS7.1AI score0.06586EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:39 a.m.•2 views

CVE-1999-0877

Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an IFRAME...

4.3CVSS7AI score0.20861EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:12 a.m.•9 views

CVE-2025-1021

Missing authorization vulnerability in synocopy in Synology DiskStation Manager DSM before 7.1.1-42962-8, 7.2.1-69057-7 and 7.2.2-72806-3 allows remote attackers to read arbitrary files via unspecified vectors...

7.5CVSS7.1AI score0.00278EPSS

Exploits0References1

CVE•added 2026/01/02 3:19 p.m.•10 views

CVE-2025-59384

CVE-2025-59384 affects QNAP Qfiling prior to version 3.13.1. A path traversal flaw allows remote attackers to read arbitrary files or system data. The issue is fixed in Qfiling 3.13.1 and later. The CVSS metrics in the initial document indicate high impact with network attack potential and no use...

9.3CVSS6.4AI score0.00055EPSS

Exploits0References1Affected Software1