Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2026/03/27 5:9 p.m.10 views

CVE-2025-55265

HCL Aftermarket DPC is affected by File Discovery which allows attacker could exploit this issue to read sensitive files present in the system and may use it to craft further attacks...

7.5CVSS5.9AI score0.0032EPSS
Exploits0References1
osv
osv
added 2026/03/24 12:16 p.m.2 views

CVE-2019-25632

phpFileManager 1.7.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the action, fmcurrentdir, and filename parameters. Attackers can send GET requests to index.php with crafted parameter values to access sensitive files...

5.5CVSS6AI score
Exploits0References3
ptsecurity
ptsecurity
added 2026/02/04 12:0 a.m.7 views

PT-2026-6473

Summary The isValidMedia function in src/media/parse.ts allows arbitrary file paths including absolute paths, home directory paths, and directory traversal sequences. An agent can read any file on the system by outputting MEDIA:/path/to/file, exfiltrating sensitive data to the user/channel. Detai...

6.5CVSS5.7AI score0.00745EPSS
Exploits1References4
cve
cve
added 2025/12/11 9:40 p.m.11 views

CVE-2024-58302

FoF Pretty Mail 1.1.2 is affected by a Local File Inclusion (LFI) in the Email Template Settings. The weakness allows administrative users to include arbitrary server files during email generation, enabling reading of sensitive files such as /etc/passwd. Root cause is misuse of template processin...

6.9CVSS6.2AI score0.0029EPSS
Exploits0References4
cnnvd
cnnvd
added 2025/02/12 12:0 a.m.5 views

Q-Free MAXTIME Suite 安全漏洞

Q-Free MAXTIME Suite is a software suite for local traffic signal management from Q-Free. A security vulnerability exists in Q-Free MAXTIME Suite version 2.11.0 and prior versions. An attacker could exploit the vulnerability to read sensitive files via a specially crafted HTTP request...

4.9CVSS6.3AI score0.00843EPSS
Exploits0References1
Rows per page
Query Builder