
890 matches found

OSV
added 2025/06/27 2:15 p.m., 2 views

CVE-2025-44163

RaspAP raspap-webgui 3.3.1 is vulnerable to Directory Traversal in ajax/networking/getwgkey.php. An authenticated attacker can send a crafted POST request with a path traversal payload in the entity parameter to overwrite arbitrary files writable by the web server via abuse of the tee command use...

CVSS 6.3 · AI score 6.9
Exploits 0 · References 2
CNNVD
added 2025/06/26 12:00 a.m., 3 views

FileBrowser security vulnerability

FileBrowser is an open source web file browser. It provides a file management interface for a specified directory and can be used to upload, delete, preview, rename and edit files. FileBrowser has a command injection vulnerability that can be exploited by an attacker to gain read and write...

CVSS 8 · AI score 7.8 · EPSS 0.00885
Exploits 1 · References 4
OSV
added 2025/06/15 8:15 p.m., 4 views

CVE-2025-5964

A path traversal issue in the API endpoint in M-Files Server before version 25.6.14925.0 allows an authenticated user to read files in the server...

CVSS 6.5 · AI score 5.8 · EPSS 0.10344
Exploits 1 · References 2
CNNVD
added 2025/06/15 12:00 a.m., 2 views

M-Files Server security vulnerability

M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in M-Files Server versions prior to 25.6.14925.0 that stems from a path traversal issue in the API endpoint that could result in reading server files...

CVSS 8.4 · AI score 6.4 · EPSS 0.10344
Exploits 1 · References 2
OSV
added 2025/06/11 4:15 a.m., 1 view

CVE-2025-4798

The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.68.10. This is due to a lack of restriction on the directory an administrator can select for storing downloads. This makes it possible for authenticated attackers, with...

CVSS 4.9 · AI score 5.9 · EPSS 0.00355
Exploits 0 · References 4
Vulnrichment
added 2025/06/11 3:41 a.m., 4 views

CVE-2025-4798 WP-DownloadManager <= 1.68.10 - Authenticated (Administrator+) Arbitrary File Read

The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.68.10. This is due to a lack of restriction on the directory an administrator can select for storing downloads. This makes it possible for authenticated attackers, with...

CVSS 4.9 · AI score 6.9 · EPSS 0.00355
Exploits 0 · References 4
OSV
added 2025/05/30 6:12 a.m., 3 views

CVE-2025-48889 Gradio Allows Unauthorized File Copy via Path Manipulation

Gradio is an open-source Python package that allows quick building of demos and web application for machine learning models, API, or any arbitrary Python function. Prior to version 5.31.0, an arbitrary file copy vulnerability in Gradio's flagging feature allows unauthenticated attackers to copy a...

CVSS 5.3 · AI score 6.9 · EPSS 0.0061
Exploits 1 · References 3
Positive Technologies
added 2025/05/29 12:00 a.m., 3 views

PT-2025-23222 · Phpoffice · Phpoffice Math

Name of the Vulnerable Software and Affected Versions: PHPOffice Math versions prior to 0.3.0 Description: The issue allows an attacker to create a special XML file that, when processed, loads external entities, enabling the reading of local server files. This is due to the use of the libxml...

CVSS 8.7 · AI score 6.1 · EPSS 0.00417
Exploits 0 · References 12
RedhatCVE
added 2025/05/23 9:16 a.m., 2 views

CVE-2024-33620

Absolute path traversal vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, the file contents including sensitive information on the server may be retrieved by an unauthenticated remote attacker...

CVSS 8.6 · AI score 6.9 · EPSS 0.00678
Exploits 0 · References 1
RedhatCVE
added 2025/05/23 9:01 a.m., 6 views

CVE-2024-35162

Path traversal vulnerability exists in Download Plugins and Themes from Dashboard versions prior to 1.8.6. If this vulnerability is exploited, a remote authenticated attacker with "switchthemes" privilege may obtain arbitrary files on the server...

CVSS 6.5 · AI score 6.9 · EPSS 0.00669
Exploits 0 · References 1
RedhatCVE
added 2025/05/23 3:17 a.m., 5 views

CVE-2023-2315

Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2 allows an authenticated user with access/modify privilege on the Log component to empty out arbitrary files on the server...

CVSS 8.8 · AI score 6.9 · EPSS 0.00848
Exploits 1 · References 1
RedhatCVE
added 2025/05/22 11:48 p.m., 8 views

CVE-2022-4236

The Welcart e-Commerce WordPress plugin before 2.8.5 does not validate user input before using it to output the content of a file via an AJAX action available to any authenticated users, which could allow users with a role as low as subscriber to read arbitrary files on the server...

CVSS 6.5 · AI score 6.6 · EPSS 0.00795
Exploits 2 · References 1
RedhatCVE
added 2025/05/22 11:42 p.m., 5 views

CVE-2022-4108

The Wholesale Market for WooCommerce WordPress plugin before 1.0.8 does not validate user input used to generate system path, allowing high privilege users such as admin to download arbitrary file from the server even when they should not be able to for example in multisite...

CVSS 4.9 · AI score 5.3 · EPSS 0.00798
Exploits 2 · References 1
RedhatCVE
added 2025/05/22 10:46 p.m., 7 views

CVE-2022-29509

Directory traversal vulnerability in T Data Server Japanese Edition Ver.2.22 and earlier, T Data Server English Edition Ver.2.30 and earlier, THERMO RECORDER DATA SERVER Japanese Edition Ver.2.13 and earlier, and THERMO RECORDER DATA SERVER English Edition Ver.2.13 and earlier allows a remote...

CVSS 7.5 · AI score 7.1 · EPSS 0.03159
Exploits 0 · References 1
RedhatCVE
added 2025/05/22 8:31 p.m., 2 views

CVE-2021-23166

A sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows authenticated administrators to read and write local files on the server...

CVSS 8.7 · AI score 6.5 · EPSS 0.00644
Exploits 0 · References 1
RedhatCVE
added 2025/05/22 5:24 p.m., 2 views

CVE-2020-11596

A Directory Traversal issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make HTTP GET requests to a certain URL and obtain information about what files and directories reside on the server...

CVSS 7.5 · AI score 7.4 · EPSS 0.01768
Exploits 1 · References 1
Snyk
added 2025/05/13 3:42 p.m., 2 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via a missing check in the router implementation. An attacker can navigate and determine the existence of files on the server using special elements such as .. and / separators. Details A Directory Traversal attack...

CVSS 7.5 · AI score 7.6 · EPSS 0.00475
Exploits 0 · References 2
CNNVD
added 2025/04/15 12:00 a.m., 2 views

TEIGarage code issue vulnerability

TEIGarage is an open source EGE RESTful web service from the Text Encoding Initiative Consortium. It provides EGE functionality through a RESTful web service. TEIGarage versions before 1.2.3 have a code issue vulnerability that stems from the document conversion function in th...

CVSS 7.5 · AI score 7.3 · EPSS 0.0034
Exploits 0 · References 1
Snyk
added 2025/04/10 12:25 p.m., 1 view

XML External Entity (XXE) Injection

Overview Affected versions of this package are vulnerable to XML External Entity XXE Injection via fields of RichText field type, in DOMDocumentFactory. A user with edit permission can read server files by injecting malicious XML content. Details XXE Injection is a type of attack against an...

CVSS 7.1 · AI score 7.5
Exploits 0 · References 2
Snyk
added 2025/04/10 12:25 p.m., 1 view

XML External Entity (XXE) Injection

Overview ezsystems/ezplatform-richtext is a platform RichText Extension, including the RichText FieldType. Affected versions of this package are vulnerable to XML External Entity XXE Injection via fields of RichText field type, in DOMDocumentFactory. A user with edit permission can read server...

CVSS 7.1 · AI score 7.5
Exploits 0 · References 2