219 matches found
XML External Entity (XXE) Injection
RichText is vulnerable to XML External Entity XXE Injection. The vulnerability is due to improper input validation due to unsafe XML elements being processed in user-editable RichText fields, allowing attackers with edit permissions to read server files...
XML External Entity (XXE) Injection
ibexa/fieldtype-richtext is vulnerable to XML External Entity XXE Injection. The vulnerability is due to improper XML input sanitization due to unsafe elements being allowed in RichText XML, potentially enabling attackers to read server files...
CVE-2025-31497
TEIGarage is a webservice and RESTful service to transform, convert and validate various formats, focussing on the TEI format. The Document Conversion Service contains a critical XML External Entity XXE Injection vulnerability in its document conversion functionality. The service processes XML...
Relative Path Traversal
Overview Affected versions of this package are vulnerable to Relative Path Traversal through the rendermav function. An attacker can access or modify files on the server by manipulating the input to traverse outside the intended directory structure. Remediation Upgrade org.noear:solon-view-beetl ...
PYSEC-2025-93
gaizhenbiao/chuanhuchatgpt version git d4ec6a3 is affected by a local file inclusion vulnerability due to the use of the gradio component gr.JSON, which has a known issue CVE-2024-4941. This vulnerability allows unauthenticated users to access arbitrary files on the server by uploading a speciall...
ChuanhuChatGPT 输入验证错误漏洞
ChuanhuChatGPT is an application that provides a lightweight and easy-to-use web GUI and many additional features for a wide range of LLMs such as ChatGPT. A file inclusion vulnerability exists in ChuanhuChatGPT version d4ec6a3, which stems from the gr.JSON component not effectively filtering cal...
CVE-2025-25185
GPT Academic provides interactive interfaces for large language models. In 3.91 and earlier, GPT Academic does not properly account for soft links. An attacker can create a malicious file as a soft link pointing to a target file, then package this soft link file into a tar.gz file and upload it...
Arbitrary File Read
moodle/moodle is vulnerable to Arbitrary File Read. The vulnerability is due to insufficient input sanitization in the TeX notation filter, which allows an attacker to exploit pdfTeX to read arbitrary files on the server...
CVE-2025-27098
GraphQL Mesh is a GraphQL Federation framework and gateway for both GraphQL Federation and non-GraphQL Federation subgraphs, non-GraphQL services, such as REST and gRPC, and also databases such as MongoDB, MySQL, and PostgreSQL. Missing check vulnerability in the static file handler allows any...
CVE-2024-13353
The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6.4 via several widgets. This makes it possible for authenticated attackers, with Contributor-level access...
CVE-2025-25223
The LuxCal Web Calendar prior to 5.3.3M MySQL version and prior to 5.3.3L SQLite version contains a path traversal vulnerability in dloader.php. If this vulnerability is exploited, arbitrary files on a server may be obtained...
Exploit for Path Traversal in Pluginab Plugin_A\/B_Image_Optimizer
Nuclei Template for CVE-2025-25163 🚀 Overview This reposi...
Path Traversal
labelstudiosdk is vulnerable to Path Traversal. The vulnerability is due to improper file path validation in the VOC, COCO, and YOLO export functionalities, where the download function in the label-studio-sdk package fails to properly validate file paths during task exports, allowing attackers to...
CVE-2025-23212 Tandoor Recipes - Local file disclosure - Users can read the content of any file on the server
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. The external storage feature allows any user to enumerate the name and content of files on the server. This vulnerability is fixed in 1.5.28...
CVE-2024-21547
Versions of the package spatie/browsershot before 5.0.2 are vulnerable to Directory Traversal due to URI normalisation in the browser where the file:// check can be bypassed with file:\. An attacker could read any file on the server by exploiting the normalization of \ into /...
Browsershot 安全漏洞
Browsershot is an open source tool from Spatie. It is used to convert web pages into images or pdfs. Browsershot 5.0.1 and earlier versions have a security vulnerability , the vulnerability stems from the vulnerability to directory traversal attacks , the attacker can read any file on the server...
Directory Traversal
Overview gradio is a Python library for easily interacting with trained machine learning models Affected versions of this package are vulnerable to Directory Traversal due to the improper handling of file paths in the processingutils.asyncmovefilestocache function. An attacker can read arbitrary...
CVE-2019-25213
The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Read in versions up to, and including, 5.9.8.1 due to insufficient validation on the aam-media parameter. This allows unauthenticated attackers to read any file on the server, including sensitive file...
WordPress plugin Comments Import & Export 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A path traversal vulnerability exists...
Absolute Path Traversal
Overview Affected versions of this package are vulnerable to Absolute Path Traversal via the HTML writer process when embedding images. An attacker can read arbitrary files on the server and perform arbitrary HTTP GET requests by constructing an XLSX file that links images from arbitrary paths or...