51 matches found
CVE-2025-67223
The Aranda File Server (AFS) component in Aranda Software Aranda Service Desk before 8.3.12 stores daily activity logs with predictable names in a publicly accessible directory, which allows unauthenticated remote attackers to obtain direct virtual paths of uploaded files and bypass access controls...
CVE-2026-40865
Horilla is a free and open source Human Resource Management System (HRMS). In 1.5.0, an insecure direct object reference in the employee document viewer allows any authenticated user to access other employees’ uploaded documents by changing the document ID in the request. This exposes sensitive HR...
Horilla Access Control Error Vulnerability
Horilla is free open-source human resources software developed by Horilla Company. Version 1.5.0 of Horilla contains an access control vulnerability, which stems from insecure direct object references in the employee document viewer. This vulnerability could allow any authenticated user to acce...
CVE-2026-28276
Initiative is a self-hosted project management platform. An access control vulnerability exists in Initiative versions prior to 0.32.2 where uploaded documents are served from a publicly accessible /uploads/ directory without any authentication or authorization checks. Any uploaded file can be...
Initiative Security Vulnerability
Initiative is an open-source project management platform developed by Morelitea. Versions of Initiative prior to 0.32.2 contain a security vulnerability. It stems from uploaded documents being reachable through the publicly accessible /uploads/ directory,...
PT-2025-48071
Primakon Pi Portal 1.0.18 API endpoints fail to enforce sufficient authorization checks when processing requests. Specifically, a standard user can exploit this flaw by sending direct HTTP requests to administrative endpoints, bypassing the UI restrictions. This allows the attacker to manipulate...
EUVD-2025-15429
Malicious code in bioql PyPI...
EUVD-2022-35001
Malicious code in bioql PyPI...
Path Traversal
tinyscientist is vulnerable to path traversal. The vulnerability is due to improper validation of file paths in the reviewpaper function, which allows an attacker to craft malicious file paths to read arbitrary PDF files on the server, access sensitive documents, and perform reconnaissance on the...
CVE-2025-55149 Path Traversal Vulnerability in PDF Review Function (CWE-22)
Tiny-Scientist is a lightweight framework for automating the entire lifecycle of scientific research—from ideation to implementation, writing, and review. In versions 0.1.1 and below, a critical path traversal vulnerability has been identified in the reviewpaper function in backend/app.py. The...
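The two Tiny-Scientist entries above describe the same bug class: a user-controlled file name is joined onto a server-side directory without being canonicalised and checked. The block below is an added example of that pattern, not code from Tiny-Scientist or any other project on this page; the storage directory `/srv/papers`, the function names and the sample requests are assumptions. It shows the unsafe join beside a hardened lookup that resolves the path first, requires the result to stay under the base directory, and restricts the served file type, with the absolute-path case (which `pathlib` silently lets replace the base directory) handled explicitly.

```python
"""Added example: the file-lookup pattern behind a path traversal bug,
beside a hardened version. Not code from Tiny-Scientist; the directory
layout, file names and function names are assumptions."""
from pathlib import Path, PurePosixPath


def unsafe_paper_path(base_dir: str, requested: str) -> str:
    # VULNERABLE: the request value is joined to the base directory as-is.
    # "../../etc/passwd" walks out of base_dir, and an absolute path such as
    # "/etc/passwd" replaces base_dir entirely (pathlib drops the left operand).
    return str(Path(base_dir) / requested)


def safe_paper_path(base_dir: str, requested: str,
                    allowed_suffixes: tuple = (".pdf",)) -> Path:
    """Resolve `requested` under `base_dir`, or raise PermissionError."""
    base = Path(base_dir).resolve()
    # Absolute paths must never reach the join below.
    if PurePosixPath(requested).is_absolute():
        raise PermissionError("absolute paths are not allowed")
    # Canonicalise (collapses '..' and follows symlinks that already exist)
    # before comparing, then require the result to live under base.
    candidate = (base / requested).resolve()
    if candidate != base and base not in candidate.parents:
        raise PermissionError(f"{requested!r} escapes {base}")
    # Only serve the file type the feature exists for.
    if candidate.suffix.lower() not in allowed_suffixes:
        raise PermissionError(f"{requested!r} is not an allowed file type")
    return candidate


def is_safe_request(base_dir: str, requested: str) -> bool:
    """True if the hardened lookup would serve the request, False otherwise."""
    try:
        safe_paper_path(base_dir, requested)
        return True
    except (PermissionError, ValueError):
        # ValueError covers embedded NUL bytes rejected by the OS path layer.
        return False


# Constructed sample requests (not taken from any advisory).
SAMPLE_REQUESTS = [
    "paper.pdf",            # allowed
    "reviews/paper.pdf",    # allowed: subdirectory under the base
    "../../etc/passwd",     # traversal out of the base directory
    "/etc/passwd",          # absolute path replaces the base directory
    "notes.txt",            # inside the base but not a PDF
    "a/../../secret.pdf",   # '..' hidden behind a leading component
]

if __name__ == "__main__":
    base = "/srv/papers"
    for req in SAMPLE_REQUESTS:
        verdict = "allowed" if is_safe_request(base, req) else "rejected"
        print(f"{req!r:24} unsafe -> {unsafe_paper_path(base, req)}")
        print(f"{'':24} safe   -> {verdict}")
```

The comparison is done on the resolved paths on both sides so that a base directory reached through a symlink still matches, and the suffix check runs after canonicalisation so a name such as `secret.pdf/../notes.txt` cannot slip past it. A real handler should also open the file via the returned `Path` rather than re-joining the original string.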
CVE-2025-2306
An Improper Access Control vulnerability was identified in the file download functionality. This vulnerability allows users to download sensitive documents without authentication, if the URL is known. The attack requires the attacker to know the document's UUIDv4...
CVE-2025-2306 Improper Access Control vulnerability in LIVE CONTRACT
An Improper Access Control vulnerability was identified in the file download functionality. This vulnerability allows users to download sensitive documents without authentication, if the URL is known. The attack requires the attacker to know the document's UUIDv4...
CVE-2025-2306
CVE-2025-2306 concerns an Improper Access Control in LIVE CONTRACT’s file download feature. The vulnerability allows an unauthenticated attacker who knows a document UUIDv4 to download sensitive documents, with the attack vector described as network and requiring no privileges or user interaction...
SYNCPILOT LIVE CONTRACT Access Control Error Vulnerability
SYNCPILOT LIVE CONTRACT is a real-time contract program from SYNCPILOT Germany. A security vulnerability exists in SYNCPILOT LIVE CONTRACT that stems from improper access control in the file download feature, which could allow an unauthenticated user to download sensitive documents...
CVE-2025-24373
The CVE concerns the WooCommerce extension woocommerce-pdf-invoices-packing-slips. Affected software: the WordPress plugin for generating PDFs of invoices/packing slips (pre-4.0.0 versions). Root cause: unauthorized users can access any PDF document by manipulating the guest-access flow—after obt...
Design/Logic Flaw
Catalis (previously Icon Software) CMS360 allows a remote, unauthenticated attacker to view sensitive court documents by modifying document and other identifiers in URLs. The impact varies based on the intention and configuration of a specific CMS360 installation...
CVE-2023-6341
Catalis CMS360 (Catalis, formerly Icon Software) contains a vulnerability that allows an unauthenticated, remote attacker to view sensitive court documents by modifying document and other identifiers in URLs. The impact varies with the installation’s configuration and intended use. This CVE is do...
CVE-2023-6341 Catalis CMS360 allows authentication bypass
Catalis (previously Icon Software) CMS360 allows a remote, unauthenticated attacker to view sensitive court documents by modifying document and other identifiers in URLs. The impact varies based on the intention and configuration of a specific CMS360 installation...
Multiple Vulnerabilities Affecting Web-Based Court Case and Document Management Systems
CISA has assisted a researcher with coordinating the disclosure of multiple researcher-discovered vulnerabilities affecting web-based case and document management systems used by multiple state, county, and municipal courts. Affected systems include products from Tyler Technologies and Catalis an...
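The Horilla, Initiative, Pi Portal, LIVE CONTRACT and CMS360 entries above all reduce to one mistake: a document is fetched by the identifier in the request, and nothing ties that identifier to the caller. Hiding the file behind a UUID (LIVE CONTRACT) or a static `/uploads/` path (Initiative) does not change that, because anyone who sees the URL once can replay it. The block below is an added example of a download handler with that flaw beside a hardened one; it is not code from any of those products, and the data model, roles, user and document identifiers are assumptions. The `enumerate_ids` helper sweeps sequential IDs the way the "changing the document ID" descriptions imply, so the difference between the two handlers is visible on the same input.

```python
"""Added example: a document-download handler with an insecure direct object
reference, beside a hardened one. Not code from Horilla, Initiative,
LIVE CONTRACT or CMS360; data model, roles and identifiers are assumptions."""
from dataclasses import dataclass
from typing import Callable, Dict, Iterable, List, Optional, Tuple


@dataclass(frozen=True)
class User:
    user_id: str
    role: str  # assumed roles: "employee" or "hr_admin"


@dataclass(frozen=True)
class Document:
    doc_id: str
    owner_id: str
    filename: str
    content: bytes


# Constructed sample data (not from any advisory). The sequential IDs are
# trivially enumerable; the UUID is not guessable, but a leaked or logged URL
# still reveals it, so neither can stand in for an authorization check.
DOCUMENTS: Dict[str, Document] = {
    "101": Document("101", "alice", "alice-contract.pdf", b"%PDF alice"),
    "102": Document("102", "bob", "bob-medical.pdf", b"%PDF bob"),
    "8e1f3c2a-5b6d-4e7f-9a0b-1c2d3e4f5a6b": Document(
        "8e1f3c2a-5b6d-4e7f-9a0b-1c2d3e4f5a6b", "carol",
        "carol-payslip.pdf", b"%PDF carol"),
}

ALICE = User("alice", "employee")
BOB = User("bob", "employee")
HR = User("hr-1", "hr_admin")

Response = Tuple[int, Optional[bytes]]  # (HTTP status, body)


def unsafe_download(user: Optional[User], doc_id: str) -> Response:
    # VULNERABLE: `user` is never consulted. Whoever supplies a valid ID,
    # authenticated or not, receives the file.
    doc = DOCUMENTS.get(doc_id)
    return (200, doc.content) if doc else (404, None)


def can_read(user: User, doc: Document) -> bool:
    """Assumed policy: owners read their own documents, HR admins read all."""
    return user.role == "hr_admin" or doc.owner_id == user.user_id


def safe_download(user: Optional[User], doc_id: str) -> Response:
    if user is None:
        return (401, None)  # authenticate before touching the object
    doc = DOCUMENTS.get(doc_id)
    # One status for "missing" and "not yours": the endpoint then cannot be
    # used to confirm which IDs exist.
    if doc is None or not can_read(user, doc):
        return (404, None)
    return (200, doc.content)


def enumerate_ids(user: Optional[User],
                  handler: Callable[[Optional[User], str], Response],
                  id_range: Iterable[int]) -> List[str]:
    """Sweep sequential IDs as an attacker would; return those actually served."""
    return [str(n) for n in id_range if handler(user, str(n))[0] == 200]


if __name__ == "__main__":
    sweep = range(100, 105)
    print("unsafe, unauthenticated:", enumerate_ids(None, unsafe_download, sweep))
    print("unsafe, as alice:       ", enumerate_ids(ALICE, unsafe_download, sweep))
    print("safe, unauthenticated:  ", enumerate_ids(None, safe_download, sweep))
    print("safe, as alice:         ", enumerate_ids(ALICE, safe_download, sweep))
    print("safe, as HR admin:      ", enumerate_ids(HR, safe_download, sweep))
```

The ownership check lives in `can_read`, separate from the handler, so the same predicate can be reused by every route that exposes a document (view, download, metadata) rather than re-implemented per endpoint, which is how one route in a product ends up checked and another not. Serving files through such a handler, instead of from a directory the web server exposes directly, is what makes the check reachable at all.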