890 matches found
OpenText Flipper 安全漏洞
OpenText Flipper is a vendor self-submission invoice portal extension package from OpenText Canada. A security vulnerability exists in OpenText Flipper version 3.1.2 that stems from vulnerability to an absolute path traversal attack that could lead to accessing files on the server...
CVE-2025-58051
Nextcloud Tables allows you to create your own tables with individual columns. Prior 0.7.6, 0.8.8, and 0.9.5, when importing a table, a user was able to specify files on the server and when their format is supported by the used PhpSpreadsheet library they would be included and their content leake...
CVE-2025-58051 Nextcloud Tables app allowed to include local file via PhpSpreadsheet when importing a table
Nextcloud Tables allows you to create your own tables with individual columns. Prior 0.7.6, 0.8.8, and 0.9.5, when importing a table, a user was able to specify files on the server and when their format is supported by the used PhpSpreadsheet library they would be included and their content leake...
Tables app allowed to include local file via PhpSpreadsheet when importing a table
None...
CVE-2024-13991
Huijietong Cloud Video Platform contains a path traversal vulnerability that allows an unauthenticated attacker can supply arbitrary file paths to the fullPath parameter of the /fileDownload?action=downloadBackupFile endpoint and retrieve files from the server filesystem. VulnCheck has observed...
EUVD-2024-55036
Huijietong Cloud Video Platform contains a path traversal vulnerability that allows an unauthenticated attacker can supply arbitrary file paths to the fullPath parameter of the /fileDownload?action=downloadBackupFile endpoint and retrieve files from the server filesystem. VulnCheck has observed...
EUVD-2025-34260
A path traversal vulnerability in FastX3 thru 3.3.67 allows an unauthenticated attacker to read arbitrary files on the server. By leveraging this vulnerability, it is possible to access the application's configuration files, which contain the secret key used to sign JSON Web Tokens as well as...
CVE-2025-11674
SOOP-CLM developed by PiExtract has a Server-Side Request Forgery vulnerability, allowing privileged remote attackers to read server files or probe internal network information...
EUVD-2025-34045
SOOP-CLM developed by PiExtract has a Server-Side Request Forgery vulnerability, allowing privileged remote attackers to read server files or probe internal network information...
Text Generation Web UI 后置链接漏洞
Text Generation Web UI is a UI interface for native AI by oobabooga individual developers. A backlink vulnerability exists in Text Generation Web UI version 3.13 and earlier, which stems from a local file inclusion vulnerability in the character image upload feature that could result in reading...
WordPress All in One Music Player plugin path traversal vulnerability
WordPress All in One Music Player plugin is a plugin with integrated music playback functionality, mainly used for WooCommerce, Dokan, WCFM Marketplace and other multi-platform e-commerce systems. A path traversal vulnerability exists in the WordPress All in One Music Player plugin, which stems...
GHSA-J44M-5V8F-GC9C Flowise is vulnerable to arbitrary file exposure through its ReadFileTool
Summary The ReadFileTool in Flowise does not restrict file path access, allowing authenticated attackers to exploit this vulnerability to read arbitrary files from the file system, potentially leading to remote command execution. Details Flowise supports providing ReadFileTool for large models to...
CVE-2025-10494
The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation when deleting profile pictures in all versions up to, and including, 1.4.89. This makes it possible for authenticated attackers, with...
EUVD-2001-0031
Malware in sbrugna...
EUVD-2021-14403
Malware in sbrugna...
EUVD-2020-3035
Malware in sbrugna...
EUVD-2019-8876
Malware in sbrugna...
EUVD-2021-27910
Malicious code in bioql PyPI...
EUVD-2025-6017
Malicious code in bioql PyPI...
EUVD-2025-5038
Malicious code in bioql PyPI...