CVE-2025-0898

The Xpro Elementor Addons - Pro plugin for WordPress is vulnerable to Arbitrary File Reading in all versions up to, and including, 1.4.7 via the Draw SVG widget. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary files on...

CVE-2026-46724 Path Traversal in extension "Faceted Search" (ke_search)

The file indexer does not normalize the configured directory path. A backend user with permission to edit indexer configurations can index documents from arbitrary locations on the server file system through path traversal sequences...

TYPO3 Extension Faceted Search 路径遍历漏洞

TYPO3 Extension Faceted Search is an open-source extension for TYPO3 that enables faceted search. TYPO3 Extension Faceted Search has a path traversal vulnerability. This vulnerability stems from the fact that the file indexer does not normalize the configured directory paths. As a result, backend...

AVideo: Authenticated Arbitrary File Read in view/update.php

Summary view/update.php reads $POST'updateFile' as a relative path under updatedb/ and passes it to PHP's file for line-by-line execution as part of a database migration. An authenticated administrator can abuse this to read arbitrary text files reachable from the web-server process — especially...

Open WebUI 路径遍历漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI that is open source. Versions of Open WebUI prior to 0.1.124 contained a path traversal vulnerability. This vulnerability occurred when files were attached in messages, where the file names originated from the original...

CVE-2026-44647 OneDev: Path Traversal (read capability via Git LFS pointer resolution)

OneDev is a Git server with CI/CD, kanban, and packages. Prior to 15.0.2, there is behavior that breaks the expected boundary between repository-controlled LFS metadata and server-local filesystem paths. A repository object can steer raw blob reads to arbitrary local files that the server account...

CVE-2026-44647 OneDev: Path Traversal (read capability via Git LFS pointer resolution)

OneDev is a Git server with CI/CD, kanban, and packages. Prior to 15.0.2, there is behavior that breaks the expected boundary between repository-controlled LFS metadata and server-local filesystem paths. A repository object can steer raw blob reads to arbitrary local files that the server account...

CVE-2026-7214 eghuzefa engineer-your-data server.py file_inf path traversal

A vulnerability was identified in eghuzefa engineer-your-data up to 0.1.3. This vulnerability affects the function readfile/writefile/listfiles/fileinf of the file src/server.py. The manipulation of the argument WORKSPACEPATH leads to path traversal. The attack may be initiated remotely. The...

CVE-2026-26067

October is a Content Management System CMS and web platform. Prior to 3.7.14 and 4.1.10, a server-side information disclosure vulnerability was identified in the handling of CSS preprocessor files. Backend users with Editor permissions could craft .less, .sass, or .scss files that leverage the...

October 安全漏洞

October is an open-source content management system CMS and network platform developed by October. Versions prior to October 3.7.14 and 4.1.10 contained security vulnerabilities. These vulnerabilities were caused by improper handling of CSS preprocessor files, which could allow backend users with...

Wish has SCP Path Traversal that allows arbitrary file read/write

The SCP middleware in charm.land/wish/v2 is vulnerable to path traversal attacks. A malicious SCP client can read arbitrary files from the server, write arbitrary files to the server, and create directories outside the configured root directory by sending crafted filenames containing ../ sequence...

Improper Access Control.

Vite is vulnerable to improper access control. The vulnerability is due to missing Origin header validation in the WebSocket connection path, which allows an attacker to invoke internal functions and retrieve arbitrary server files via crafted WebSocket requests...

CVE-2026-39364 Vite has a `server.fs.deny` bypass with queries

Vite is a frontend tooling framework for JavaScript. From 7.1.0 to before 7.3.2 and 8.0.5, on the Vite dev server, files that should be blocked by server.fs.deny e.g., .env, .crt can be retrieved with HTTP 200 responses when query parameters such as ?raw, ?import&raw, or ?import&url&inline are...

CVE-2026-35483

text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in loadtemplate allows reading files with .jinja, .jinja2, .yaml, or .yml extensions from anywhere on the server filesystem. For .jinja files the...

Text Generation Web UI 路径遍历漏洞

Text Generation Web UI is a local AI UI interface developed by oobabooga’s individual developers. Versions of Text Generation Web UI prior to 4.3 contained a path traversal vulnerability. This vulnerability stemmed from an unauthenticated path traversal vulnerability in the loadtemplate function,...

CVE-2026-26058

Zulip is an open-source team collaboration tool. From version 1.4.0 to before version 11.6, ./manage.py import reads arbitrary files from the server filesystem via path traversal in uploads/records.json. A crafted export tarball causes the server to copy any file the zulip user can read into the...

CVE-2026-26058

Zulip (open-source team collaboration tool) is affected in versions 1.4.0 up to, but not including, 11.6. The vulnerability arises in the import path where ./manage.py import can read arbitrary server files due to path traversal in uploads/records.json. A crafted export tarball can cause the serv...

CVE-2026-0522

The CVE-2026-0522 issue affects VertiGIS FM (v10.5.00119) in the upload/download flow. A Local File Inclusion vulnerability allows an authenticated attacker to read arbitrary server files by manipulating the file path during upload; the downloaded file from the attacker-controlled path is then re...

CVE-2025-10559

A Path Traversal vulnerability affecting Factory Resource Management in DELMIA Factory Resource Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to read or write files in specific directories on the server...

VertiGIS FM 安全漏洞

VertiGIS FM is a facility and asset management platform from VertiGIS Corporation. Version 10.5.00119 of VertiGIS FM contains a security vulnerability. This vulnerability stems from the inclusion of local files during the upload/download process. It could allow authenticated attackers to read any...