Lucene search
K

239 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:34 a.m.4 views

CVE-2015-10105

A vulnerability, which was classified as critical, was found in IP Blacklist Cloud Plugin up to 3.42 on WordPress. This affects the function validjsidentifier of the file ipblacklistcloud.php of the component CSV File Import. The manipulation of the argument filename leads to path traversal. It i...

9.8CVSS7AI score0.00966EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/12 7:25 p.m.28 views

CVE-2025-4511

A vulnerability was found in vector4wang spring-boot-quick up to 20250422. It has been rated as critical. This issue affects the function ResponseEntity of the file /spring-boot-quick-master/quick-img2txt/src/main/java/com/quick/controller/Img2TxtController.java of the component quick-img2txt. Th...

6.5CVSS6.7AI score0.00448EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/11 5:0 a.m.23 views

CVE-2025-4530 feng_ha_ha/megagao ssm-erp/production_ssm File FileController.java handleFileDownload path traversal

A vulnerability was found in fenghaha/megagao ssm-erp and productionssm 1.0. It has been declared as problematic. Affected by this vulnerability is the function handleFileDownload of the file FileController.java of the component File Handler. The manipulation leads to path traversal. The attack c...

5.3CVSS0.00386EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/08 7:11 a.m.13 views

CVE-2025-4329

A vulnerability was found in 74CMS up to 3.33.0. It has been rated as problematic. Affected by this issue is the function index of the file /index.php/index/download/index. The manipulation of the argument url leads to path traversal. The attack may be launched remotely. The exploit has been...

5.3CVSS6.9AI score0.00562EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/05/06 12:0 a.m.4 views

PT-2025-19925 · 74Cms · 74Cms

Name of the Vulnerable Software and Affected Versions: 74CMS versions up to 3.33.0 Description: A vulnerability was found in the function index of the file /index.php/index/download/index. The manipulation of the argument url leads to path traversal. The attack may be launched remotely. The explo...

5.3CVSS4.5AI score0.00562EPSS
Exploits1References12
RedhatCVE
RedhatCVE
added 2025/04/16 11:9 a.m.18 views

CVE-2025-3562

A vulnerability was found in Yonyou YonBIP MA2.7. It has been declared as problematic. Affected by this vulnerability is the function FileInputStream of the file /mobsm/common/userfile. The manipulation of the argument path leads to path traversal. The attack can be launched remotely. The exploit...

5.3CVSS6.8AI score0.00521EPSS
Exploits0References1
NVD
NVD
added 2025/04/07 8:15 p.m.8 views

CVE-2025-3381

A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu 4.2.0. This affects an unknown part of the file WebIMController.java of the component File Upload. The manipulation of the argument ID leads to path traversal. It is possible to initiate the attack remotely. Th...

9.8CVSS0.00904EPSS
Exploits1References4
CVE
CVE
added 2025/03/25 7:0 a.m.85 views

CVE-2025-2744

CVE-2025-2744 affects zhijiantianya ruoyi-vue-pro 2.4.1, specifically the Material Upload Interface’s /admin-api/mp/material/upload-news-image endpoint. The vulnerability arises from manipulation of the File argument, enabling path traversal and remote exploitation. Multiple connected sources sta...

5.5CVSS7AI score0.00651EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2025/03/24 11:0 p.m.67 views

CVE-2025-2716

CVE-2025-2716 affects China Mobile P22g-CIac 1.0.00.488. According to multiple sources, the vulnerability originates from an issue in the Samba Path Handler component, enabling path traversal. The attack is described as remote and publicly disclosed, with the vendor reportedly unresponsive. The C...

5.1CVSS7.1AI score0.00491EPSS
Exploits0References4
CVE
CVE
added 2025/03/11 1:0 p.m.62 views

CVE-2025-2193

CVE-2025-2193 concerns MRCMS 3.1.2. A path traversal vulnerability exists in the delete function of /admin/file/delete.do within the org.marker.mushroom.controller.FileController, enabling remote exploitation via manipulation of the path/name argument. Public exploit details are present in multip...

8.1CVSS6.8AI score0.00709EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/02/16 12:0 a.m.5 views

PT-2025-6879 · Cmseasy · Cmseasy

Name of the Vulnerable Software and Affected Versions: CmsEasy version 7.7.7.9 Description: A vulnerability has been found in the function deleteimg action in the library lib/admin/image admin.php. The manipulation of the argument imgname leads to path traversal. The attack can be launched...

8.1CVSS4.9AI score0.00951EPSS
Exploits1References10
NVD
NVD
added 2024/11/14 3:15 p.m.22 views

CVE-2024-11210

A vulnerability was found in EyouCMS 1.51. It has been rated as critical. This issue affects the function editFile of the file application/admin/logic/FilemanagerLogic.php. The manipulation of the argument activepath leads to path traversal. The attack may be initiated remotely. The exploit has...

5.5CVSS0.00622EPSS
Exploits1References4
OSV
OSV
added 2024/09/20 1:15 p.m.4 views

CVE-2024-9032

A vulnerability, which was classified as critical, was found in SourceCodester Simple Forum-Discussion System 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument page leads to path traversal. It is possible to launch the attack remotely. The exploit has...

8.8CVSS5.5AI score0.00752EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/08/26 2:0 p.m.30 views

CVE-2024-8165 Chengdu Everbrite Network Technology BeikeShop export exportZip path traversal

A vulnerability was identified in Chengdu Everbrite Network Technology BeikeShop up to 1.5.5. This vulnerability affects the function exportZip of the file /admin/filemanager/export. Such manipulation of the argument path leads to path traversal. The attack can be launched remotely. The exploit i...

5.3CVSS0.00565EPSS
Exploits0References4
CVE
CVE
added 2024/07/21 10:0 a.m.47 views

CVE-2024-6949

GCVEs for CVE-2024-6949 describe a path-traversal vulnerability in Gargaj wuhu up to revision 3faad49bfcc3895e9ff76a591d05c8941273d120, affecting an unknown function exposed via /pages.php?edit=News. The issue is exploitable remotely and has had an exploit disclosed publicly. The documentation no...

5.3CVSS4.7AI score0.00518EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2024/03/25 7:15 a.m.3 views

CVE-2024-2863

This vulnerability allows remote attackers to traverse paths via file upload on the affected LG LED Assistant...

9.8CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2024/03/25 7:15 a.m.17 views

CVE-2024-2863

This vulnerability allows remote attackers to traverse paths via file upload on the affected LG LED Assistant...

9.8CVSS5.3AI score0.66969EPSS
Exploits0References1
OSV
OSV
added 2024/02/11 11:15 p.m.27 views

CVE-2024-1433

A vulnerability, which was classified as problematic, was found in KDE Plasma Workspace up to 5.93.0. This affects the function EventPluginsManager::enabledPlugins of the file components/calendar/eventpluginsmanager.cpp of the component Theme File Handler. The manipulation of the argument pluginI...

3.7CVSS7.2AI score
Exploits0References3
CVE
CVE
added 2024/01/11 5:31 p.m.61 views

CVE-2024-0416

The CVE-2024-0416 entry concerns DeShang DSMall (up to v5.0.3). The vulnerability lies in file application/home/controller/MemberAuth.php, where manipulating the file_name argument triggers a path traversal (../filedir). This is a remote issue and the exploit has public disclosure. Impact is tied...

9.8CVSS9.4AI score0.0094EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2023/12/21 8:0 p.m.55 views

CVE-2023-7041

CVE-2023-7041 details a path traversal vulnerability in codelyfe Stupid Simple CMS

5.5CVSS5.5AI score0.00906EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder