116 matches found
IBM Cognos Analytics Path Traversal Vulnerability
IBM Cognos Analytics is a suite of business intelligence software from International Business Machines IBM. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. A path traversal...
LocalS3 Project Vulnerable to XML External Entity (XXE) Injection via Bucket Tagging API
Description The LocalS3 project, an S3-compatible storage service, is vulnerable to XML External Entity XXE injection through its bucket tagging API. The vulnerability exists because the application processes XML input without properly disabling external entity resolution. When processing XML dat...
SonicWall NetExtender Windows client elevation of privilege vulnerability (CNVD-2025-12370)
SonicWall NetExtender Windows client is a software application from SonicWALL USA that allows remote users to connect to remote networks in a secure manner. Provides simple and secure access for Windows and Linux users. An elevation of privilege vulnerability exists in the SonicWall NetExtender...
Browsershot Local File Inclusion
Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation due to improper URL validation through the setUrl method, which results in a Local File Inclusion allowing the attacker to read sensitive files. Note: This is a bypass of the fix for CVE-2024-21549...
WordPress plugin ElementInvader Addons for Elementor 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
Zimbra Collaboration Suite 安全漏洞
Zimbra Collaboration Suite ZCS is an open source collaboration suite from Zimbra. The product includes WebMail, Calendar, Address Book and more. A security vulnerability exists in Zimbra Collaboration Suite ZCS versions 9.0, 10.0, and 10.1, which originates from a local file in an endpoint in the...
Improper Input Validation
spatie/browsershot is vulnerable to Improper Input Validation. The vulnerability is due to improper URL validation through the setUrl method, allowing an attacker to exploit leading whitespace %20 before the file:// protocol, resulting in Local File Inclusion and potential access to sensitive fil...
WordPress plugin WP Hotel Booking 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CVE-2024-10100 Path Traversal in binary-husky/gpt_academic
A path traversal vulnerability exists in binary-husky/gptacademic version 3.83. The vulnerability is due to improper handling of the file parameter, which is open to path traversal through URL encoding. This allows attackers to view any file on the host system, including sensitive files such as...
CVE-2024-46327
An issue in the Httphandle object of VONETS VAP11G-300 v3.3.23.6.9 allows attackers to access sensitive files via a directory traversal...
PT-2024-38449 · Trellix · Trellix Fx +5
Name of the Vulnerable Software and Affected Versions: Trellix NX, EX, FX, AX, IVX, and CMS affected versions not specified Description: An authenticated user can access restricted files from Trellix products using path traversal for the URL of network anomaly download artifact. This issue allows...
CVE-2024-40422
The snapshotpath parameter in the /api/get-browser-snapshot endpoint in stitionai devika v1 is susceptible to a path traversal attack. An attacker can manipulate the snapshotpath parameter to traverse directories and access sensitive files on the server. This can potentially lead to unauthorized...
CVE-2024-21527
Versions of the package github.com/gotenberg/gotenberg/v8/pkg/gotenberg before 8.1.0; versions of the package github.com/gotenberg/gotenberg/v8/pkg/modules/chromium before 8.1.0; versions of the package github.com/gotenberg/gotenberg/v8/pkg/modules/webhook before 8.1.0 are vulnerable to Server-si...
CVE-2024-40617
Path traversal vulnerability exists in FUJITSU Network Edgiot GW1500 M2M-GW for FENICS. If a remote authenticated attacker with User Class privilege sends a specially crafted request to the affected product, access restricted files containing sensitive information may be accessed. As a result,...
PT-2024-13676 · Unknown · Kiuwan Local Analyzer +1
Name of the Vulnerable Software and Affected Versions: Kiuwan SAST version master.1808.p685.q13371 Description: The issue arises when the Kiuwan Local Analyzer uploads scan results to the Kiuwan SAST web application, which processes XML files containing external entities. This leads to an XML...
CVE-2024-29967
In Brocade SANnav before Brocade SANnav v2.31 and v2.3.0a, it was observed that Docker instances inside the appliance have insecure mount points, allowing reading and writing access to sensitive files. The vulnerability could allow a sudo privileged user on the host OS to read and write access to...
CVE-2024-3028
CVE-2024-3028 affects mintplex-labs/anything-llm. The issue is improper input validation in the system-preferences API where manipulating the logo_filename parameter can cause reading of arbitrary files (including .env) and deletion via remove-logo. Root cause: lack of proper sanitization of user...
CVE-2024-2442 Path Traversal vulnerability in Franklin Fueling System EVO 550/5000
Franklin Fueling System EVO 550 and EVO 5000 are vulnerable to a Path Traversal vulnerability that could allow an attacker to access sensitive files on the system...
CVE-2023-49979
A directory listing vulnerability in Customer Support System v1 allows attackers to list directories and sensitive files within the application without requiring authorization...
CVE-2024-22723
Webtrees 2.1.18 is vulnerable to Directory Traversal. By manipulating the "mediafolder" parameter in the URL, an attacker in this case, an administrator can navigate beyond the intended directory the 'media/' directory to access sensitive files in other parts of the application's file system...