Lucene search
K

218 matches found

Cvelist
Cvelist
added 2025/12/05 12:0 a.m.25 views

CVE-2016-20023

In CKSource CKFinder before 2.5.0.1 for ASP.NET, authenticated users could download any file from the server if the correct path to a file was provided...

5CVSS0.003EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2025/12/04 12:0 a.m.202 views

📄 Discord Language Sloth Bot Directory Traversal Scanner / Payload Generator

The Language Sloth Discord bot contains a critical directory traversal vulnerability allowing attackers to read arbitrary files on the server hosting the bot through improperly sanitized user input in file path operations. This is an automated scanner with payload generation...

7.5CVSS6.7AI score0.01479EPSS
Exploits4
Snyk
Snyk
added 2025/12/02 6:31 a.m.2 views

Directory Traversal

Overview flamehaven-filesearch is a FLAMEHAVEN FileSearch - Open source semantic document search with API authentication powered by Google Gemini Affected versions of this package are vulnerable to Directory Traversal due to insufficient validation and sanitization of user-controlled filenames in...

8.7CVSS7.9AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/12/02 1:8 a.m.9 views

Gin-vue-admin has an arbitrary file deletion vulnerability

Impact Attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder The affected code: Affected interfaces: /api/fileUploadAndDownload/removeChunk POC: You can specify the...

9.1CVSS6.9AI score0.00506EPSS
Exploits1References4Affected Software1
Packet Storm
Packet Storm
added 2025/12/02 12:0 a.m.171 views

📄 Language Sloth Directory Traversal

The Language Sloth Discord bot has been found susceptible to a directory traversal vulnerability. CVE-2025-65321 The Language Sloth Discord bot is vulnerable to Directory Traversal in the gif and png functions. The functions build file paths using unsanitized user input for the 'name' parameter,...

7AI score
Exploits3
OSV
OSV
added 2025/12/01 10:28 p.m.5 views

CVE-2025-66410 Gin-vue-admin has an arbitrary file deletion vulnerability

Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder...

8.7CVSS6.8AI score0.00506EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2025/11/05 6:31 p.m.7 views

WSO2 Carbon Mediation vulnerable to XML External Entity (XXE) attacks

An XML External Entity XXE vulnerability exists in multiple WSO2 products due to improper configuration of the XML parser. The application parses user-supplied XML without applying sufficient restrictions, allowing resolution of external entities. A successful attack could enable a remote,...

9.1CVSS6.8AI score0.00415EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2025/11/01 12:0 a.m.8 views

WordPress plugin Import WP – Export and Import CSV and XML files to WordPress 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension that can ...

4.9CVSS6AI score0.00431EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/10/21 8:29 p.m.13 views

CVE-2025-8051

Path Traversal vulnerability in opentext Flipper allows Absolute Path Traversal. The vulnerability could allow a user to access files hosted on the server. This issue affects Flipper: 3.1.2...

6.5CVSS6.8AI score0.00359EPSS
Exploits0References1
OSV
OSV
added 2025/10/20 8:15 p.m.5 views

CVE-2025-8051

Path Traversal vulnerability in opentext Flipper allows Absolute Path Traversal. The vulnerability could allow a user to access files hosted on the server. This issue affects Flipper: 3.1.2...

6.5CVSS5.8AI score0.00359EPSS
Exploits0References1
NVD
NVD
added 2025/10/20 8:15 p.m.4 views

CVE-2025-8051

Path Traversal vulnerability in opentext Flipper allows Absolute Path Traversal. The vulnerability could allow a user to access files hosted on the server. This issue affects Flipper: 3.1.2...

6.5CVSS0.00359EPSS
Exploits0References1
CVE
CVE
added 2025/10/20 7:55 p.m.15 views

CVE-2025-8051

CVE-2025-8051 affects OpenText Flipper 3.1.2. The issue is a path traversal vulnerability that could allow an attacker to access files hosted on the server (absolute path traversal). The connected documents confirm the affected product and the vulnerability class but do not provide a specific fix...

6.5CVSS6.4AI score0.00359EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/10/18 12:0 a.m.5 views

WordPress plugin Media Library Assistant 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin Media...

5.3CVSS6.3AI score0.00375EPSS
Exploits0References4
NVD
NVD
added 2025/10/15 2:15 a.m.11 views

CVE-2024-13991

Huijietong Cloud Video Platform contains a path traversal vulnerability that allows an unauthenticated attacker can supply arbitrary file paths to the fullPath parameter of the /fileDownload?action=downloadBackupFile endpoint and retrieve files from the server filesystem. VulnCheck has observed...

8.7CVSS0.00418EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-11481

Malware in sbrugna...

6.5CVSS6.6AI score0.01494EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-16390

Malware in sbrugna...

7.5CVSS7.5AI score0.01339EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-1318

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00337EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-30610

Malicious code in bioql PyPI...

6.5CVSS6.8AI score0.01445EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-0727

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.00336EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-30636

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.01499EPSS
Exploits1References2
Rows per page
Query Builder