20 matches found

Nuclei
added yesterday | 17 views

osTicket - Arbitrary File Read

Enhancesoft osTicket versions 1.18.x prior to 1.18.3 and 1.17.x prior to 1.17.7 contain an arbitrary file read vulnerability in the ticket PDF export functionality. A remote attacker can submit a ticket containing crafted rich-text HTML that includes PHP filter expressions which are insufficientl...

8.7 CVSS | 6.1 AI score | 0.74425 EPSS
Exploits 3 | References 3
EUVD
added 2026/03/16 9:34 p.m. | 3 views

EUVD-2026-12520

ZwickRoell Test Data Management versions prior to 3.0.8 contain a local file inclusion (LFI) vulnerability in the /server/nodeupgradesrv.js endpoint. An unauthenticated attacker can supply directory traversal sequences via the firmware parameter to access arbitrary files on the server, leading to...

8.7 CVSS | 5.9 AI score | 0.00149 EPSS
Exploits 0 | References 3
EUVD
added 2026/02/25 1:44 a.m. | 4 views

EUVD-2026-8581

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, the disposeDocument method in EtherFaxActions.php allows authenticated users to read arbitrary files from the server filesystem. Any authenticated user regardless of...

9.9 CVSS | 5.7 AI score | 0.00014 EPSS
Exploits 1 | References 2
RedhatCVE
added 2026/01/16 12:24 a.m. | 5 views

CVE-2025-67083

Directory traversal vulnerability in InvoicePlane through 1.6.3 allows unauthenticated attackers to read files from the server. The ability to read files and the file type depends on the web server and its configuration...

5.3 CVSS | 6.9 AI score | 0.00075 EPSS
Exploits 1 | References 1
CVE
added 2026/01/13 10:51 p.m. | 6 views

CVE-2022-50899

Geonetwork 3.10–4.2.0 is affected by an XML External Entity (XXE) vulnerability in the PDF rendering path. The issue arises from an insecure XML parser that can be driven by a crafted XML document with external entity references, allowing an attacker to read arbitrary server files via the baseURL...

8.7 CVSS | 6.6 AI score | 0.00066 EPSS
Exploits 1 | References 3 | Affected Software 1
NVD
added 2025/10/16 5:15 p.m. | 6 views

CVE-2025-58051

Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.7.6, 0.8.8, and 0.9.5, when importing a table, a user was able to specify files on the server and when their format is supported by the used PhpSpreadsheet library they would be included and their content leake...

6.5 CVSS | 0.00015 EPSS
Exploits 0 | References 3
Vulnrichment
added 2025/08/08 4:39 a.m. | 2 views

CVE-2025-54959

Powered BLUE Server versions 0.20130927 and prior contain a path traversal vulnerability. If this vulnerability is exploited, an arbitrary file in the affected product may be disclosed...

5.3 CVSS | 4.9 AI score | 0.00092 EPSS
Exploits 0 | References 2
CNNVD
added 2025/07/24 12:0 a.m. | 1 views

WordPress plugin AI Engine Information Disclosure Vulnerability

WordPress AI Engine is a plugin based on OpenAI technology, which is mainly used to integrate artificial intelligence features into WordPress websites to improve the efficiency of content generation, automated operations and so on. WordPress AI Engine suffers from an information disclosure...

6.5 CVSS | 6.2 AI score | 0.00274 EPSS
Exploits 0 | References 6
OSV
added 2025/07/15 2:47 p.m. | 2 views

CVE-2025-53622 DSpace has path traversal vulnerability in Simple Archive Format (SAF) package import via contents file

DSpace open source software is a repository application which provides durable access to digital resources. Prior to versions 7.6.4, 8.2, and 9.1, a path traversal vulnerability is possible during the import of an archive in Simple Archive Format, either from command-line ./dspace import command ...

5.2 CVSS | 6.4 AI score | 0.00267 EPSS
Exploits 0 | References 9
CNNVD
added 2025/02/18 12:0 a.m. | 2 views

LuxSoft LuxCal Web Calendar Access Control Error Vulnerability

LuxSoft LuxCal Web Calendar is a free user-friendly lightweight web-based event calendar from LuxSoft Switzerland. An access control error vulnerability exists in LuxSoft LuxCal Web Calendar versions prior to 5.3.3M and prior to 5.3.3L, which stems from a missing authentication in dloader.php and...

7.5 CVSS | 5.7 AI score | 0.00038 EPSS
Exploits 0 | References 4
CNNVD
added 2023/03/07 12:0 a.m. | 1 views

XWiki Platform Code Issue Vulnerability

XWiki Platform is a suite of Wiki platforms for creating Web collaboration applications from the French company XWiki. XWiki Platform suffers from a code issue vulnerability that stems from the fact that any user with document editing privileges can trigger an XAR import on a spoofed XAR file to ...

7.7 CVSS | 7.4 AI score | 0.00426 EPSS
Exploits 1 | References 4
SUSE CVE
added 2023/02/15 4:49 a.m. | 2 views

SUSE CVE-2017-5662

In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a ful...

7.5 CVSS | 9.4 AI score | 0.01431 EPSS
Exploits 0 | References 4
OSV
added 2021/01/25 10:16 a.m. | 1 views

CVE-2021-23901

An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions 1.18. XML external entity injection, also known as XXE, is a web security vulnerability that allows an attacker to interfere with an application's processing of XML data. ...

9.1 CVSS | 7.3 AI score
Exploits 0 | References 5
Dsquare
added 2020/11/18 12:0 a.m. | 35 views

Citrix XenMobile Server File Disclosure

File disclosure vulnerability in Citrix XenMobile Server. Vulnerability Type: File Disclosure. For the exploit source code contact DSquare Security sales team...

5 CVSS | 0.2 AI score | 0.93007 EPSS
Exploits 3
ATTACKERKB
added 2020/07/22 6:15 p.m. | 2 views

CVE-2020-15124

In Goobi Viewer Core before version 4.8.3, a path traversal vulnerability allows for remote attackers to access files on the server via the application. This is limited to files accessible to the application server user, e.g. tomcat, but can potentially lead to the disclosure of sensitive...

9.6 CVSS | 5.5 AI score | 0.00186 EPSS
Exploits 0 | References 3 | Affected Software 1
CNVD
added 2020/06/01 12:0 a.m. | 1 views

Arbitrary File Read Vulnerability in WMCMS

WMCMS is a free, open source professional Chinese labeling system built on PHP and MySQL. WMCMS has an arbitrary file read vulnerability that an attacker can exploit to read files on the server...

7.1 AI score
Exploits 0
OSV
added 2019/08/09 1:15 p.m. | 0 views

CVE-2019-14312

Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This vulnerability allows a remote attacker to read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI...

6.5 CVSS | 6.7 AI score
Exploits 0 | References 2
ATTACKERKB
added 2018/06/14 8:29 p.m. | 0 views

CVE-2018-8819

An XXE issue was discovered in Automated Logic Corporation ALC WebCTRL Versions 6.0, 6.1 and 6.5. An unauthenticated attacker could enter malicious input to WebCTRL and a weakly configured XML parser will allow the application to disclose full file contents from the underlying web server OS via t...

7.5 CVSS | 5.6 AI score | 0.01463 EPSS
Exploits 2 | References 4
exploitpack
added 2016/08/22 12:0 a.m. | 14 views

Honeywell IP-Camera HICC-1100PT - Local File Disclosure

Honeywell IP-Camera HICC-1100PT - Local File Disclosure. 1. Advisory Information. Title: Honeywell IP-Camera HICC-1100PT Local File Inclusion. Vendor Homepage: https://www.asia.security.honeywell.com. Remotely Exploitable: Yes. Tested on Camera types:...

7.4 AI score
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m. | 21 views

com_flyspray Mambo Com. <= 1.0.1 - Remote File Disclosure Vulnerability

No description provided by source. Component name: com_flyspray. Affected Version: 1.0.1...

7.1 AI score
Exploits 0