CVE-2025-12203

A weakness has been identified in givanz Vvveb up to 1.0.7.3. This issue affects the function sanitizeFileName of the file system/functions.php of the component Code Editor. Executing a manipulation of the argument File can lead to path traversal. The attack can be launched remotely. The exploit...

CVE-2025-11939

A vulnerability was determined in ChurchCRM up to 5.18.0. This issue affects some unknown processing of the file src/ChurchCRM/Backup/RestoreJob.php of the component Backup Restore Handler. Executing a manipulation of the argument restoreFile can lead to path traversal. The attack may be launched...

CVE-2025-11607

A weakness has been identified in harry0703 MoneyPrinterTurbo up to 1.2.6. The impacted element is the function uploadmusic of the file app/controllers/v1/music.py of the component API Endpoint. Executing a manipulation of the argument File can lead to path traversal. The attack may be performed...

EUVD-2021-24210

Malware in sbrugna...

EUVD-2021-24214

Malware in sbrugna...

EUVD-2008-0791

Malware in sbrugna...

EUVD-2012-6362

Malware in sbrugna...

EUVD-2023-29647

Malicious code in bioql PyPI...

EUVD-2025-28917

Malicious code in bioql PyPI...

EUVD-2025-16248

Malicious code in bioql PyPI...

EUVD-2021-28155

Malicious code in bioql PyPI...

EUVD-2022-51836

Malicious code in bioql PyPI...

EUVD-2024-47935

Malicious code in bioql PyPI...

CVE-2025-11034

A vulnerability was found in Dibo Data Decision Making System up to 2.7.0. The affected element is the function downloadImpTemplet of the file /common/dep/commondep.action.jsp. The manipulation of the argument filePath results in path traversal. It is possible to launch the attack remotely. The...

PT-2025-38676

Name of the Vulnerable Software and Affected Versions JSC R7 R7-Office Document Server versions up to 20250820 Description A flaw exists in JSC R7 R7-Office Document Server. The issue involves manipulation of the cmd argument within an unknown function of the /downloadas/ file, potentially leadin...

CVE-2025-10766

CVE-2025-10766 affects SeriaWei ZKEACMS (≤4.3) and relates to path traversal via the Download function in EventViewerController.cs. The root cause is manipulation of the ID argument, enabling remote exploitation. Public PoC/exploit material has circulated; multiple sources flag remote, low-comple...

CVE-2025-10233

A security vulnerability has been detected in kalcaddle kodbox 1.61. This affects the function fileGet/fileSave of the file app/controller/explorer/editor.class.php. The manipulation of the argument path leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed...

CVE-2025-10233

A security vulnerability has been detected in kalcaddle kodbox 1.61. This affects the function fileGet/fileSave of the file app/controller/explorer/editor.class.php. The manipulation of the argument path leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed...

Linux Distros Unpatched Vulnerability : CVE-2005-3622

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain the full path of the server via direct requests to multiple scripts in the libraries...

CVE-2025-8815

CVE-2025-8815 affects 猫宁i Morning, with a path traversal vulnerability in the Shiro Configuration component. Affected is an unknown function within the /index file, enabling remote exploitation. Descriptions consistently indicate the product uses a rolling release model, and no version details fo...