890 matches found

NVD
added 2022/09/29 3:15 a.m., 20 views

CVE-2021-40694

Insufficient escaping of the LaTeX preamble made it possible for site administrators to read files available to the HTTP server system account...

CVSS 4.9, EPSS 0.00901
Exploits: 0, References: 1
UbuntuCve
added 2022/09/29 3:15 a.m., 34 views

CVE-2021-40694

Insufficient escaping of the LaTeX preamble made it possible for site administrators to read files available to the HTTP server system account...

CVSS 4.9, AI score 6.8, EPSS 0.00901
Exploits: 0, References: 1
0day.today
added 2022/09/29 12:0 a.m., 211 views

Lavalite 9.0.0 XSRF TOKEN cookie File path traversal Vulnerability

Title: Lavalite-9.0.0 XSRF-TOKEN cookie File path traversal Author: nu11secur1ty Vendor: https://lavalite.org/ Software: https://github.com/LavaLite/cms/releases/tag/v9.0.0 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/LavaLite Description: The XSRF-TOKEN cookie is...

AI score 0.2
Exploits: 0
CNNVD
added 2022/09/28 12:0 a.m., 3 views

MeterSphere Security Vulnerability

MeterSphere is an open-source, one-stop continuous testing platform. MeterSphere v1.15.4 contains a security vulnerability that stems from an arbitrary file read flaw: authenticated users can read any file on the server through the file...

CVSS 6.5, AI score 6.6, EPSS 0.00891
Exploits: 1, References: 3
NVD
added 2022/08/17 9:15 p.m., 10 views

CVE-2021-26639

This vulnerability is caused by the lack of validation of input values for specific functions if WISA Smart Wing CMS. Remote attackers can use this vulnerability to leak all files in the server without logging in system...

CVSS 8.1, EPSS 0.00394
Exploits: 0, References: 1
Prion
added 2022/08/17 9:15 p.m., 19 views

Input validation

This vulnerability is caused by the lack of validation of input values for specific functions if WISA Smart Wing CMS. Remote attackers can use this vulnerability to leak all files in the server without logging in system...

CVSS 5, AI score 7.5, EPSS 0.00394
Exploits: 0, References: 1, Affected Software: 1
NVD
added 2022/08/17 12:15 a.m., 20 views

CVE-2022-1401

Improper Access Control vulnerability in the /Exago/WrImageResource.adx route as used in Device42 Asset Management Appliance allows an unauthenticated attacker to read sensitive server files with root permissions. This issue affects: Device42 CMDB versions prior to 18.01.00...

CVSS 7.5, EPSS 0.18001
Exploits: 0, References: 1
OSV
added 2022/08/10 5:15 p.m., 2 views

CVE-2022-34365

WMS 3.7 contains a Path Traversal Vulnerability in Device API. An attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application...

CVSS 6.5, AI score 5.8, EPSS 0.00701
Exploits: 0, References: 1
PyPA
added 2022/08/01 10:15 p.m., 4 views

PYSEC-2022-248

Streamlit is a data oriented application development framework for python. Users hosting Streamlit apps that use custom components are vulnerable to a directory traversal attack that could leak data from their web server file-system such as: server logs, world readable files, and potentially othe...

CVSS 6.5, AI score 6.7, EPSS 0.01323
Exploits: 0, References: 2, Affected Software: 1
OSV
added 2022/08/01 10:15 p.m., 16 views

PYSEC-2022-248

Streamlit is a data oriented application development framework for python. Users hosting Streamlit apps that use custom components are vulnerable to a directory traversal attack that could leak data from their web server file-system such as: server logs, world readable files, and potentially othe...

CVSS 6.5, AI score 6.5, EPSS 0.01323
Exploits: 0, References: 2
CNNVD
added 2022/07/20 12:0 a.m., 5 views

Mitsubishi Electric GENESIS64 and Mitsubishi Electric ICONICS Suite Path Traversal Vulnerability

ICONICS GENESIS64 is a suite of advanced HMI SCADA solutions designed for Microsoft operating systems from ICONICS, Inc. A path traversal vulnerability exists in ICONICS GENESIS64 versions 10.97 and 10.97.1, which allows a remote, unauthenticated attacker to access arbitrary files in the GENESIS6...

CVSS 7.5, AI score 5.8, EPSS 0.013
Exploits: 0, References: 6
CNNVD
added 2022/07/11 12:0 a.m., 5 views

bt_lnmp Path Traversal Vulnerability

btlnmp is a Pagoda-panel-based LNMP environment by the individual developer piaoyunsoft. btlnmp suffers from a path traversal vulnerability that stems from the failure of the Flask sendfile function to properly filter special elements in a resource or file path, which can be exploited by attackers to...

CVSS 7.5, AI score 5.8, EPSS 0.01121
Exploits: 1, References: 2
OSV
added 2022/07/01 6:15 p.m., 4 views

CVE-2022-22373

An improper validation vulnerability in IBM InfoSphere Information Server 11.7 Pack for SAP Apps and BW Packs may lead to creation of directories and files on the server file system that may contain non-sensitive debugging information like stack traces. IBM X-Force ID: 221323...

CVSS 5.4, AI score 5.9, EPSS 0.00455
Exploits: 0, References: 2
OSV
added 2022/06/24 5:15 p.m., 1 views

CVE-2022-29097

Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application...

CVSS 4.9, AI score 5.8, EPSS 0.01209
Exploits: 0, References: 1
0day.today
added 2022/05/31 12:0 a.m., 378 views

WordPress User Meta Lite / Pro 2.4.3 Path Traversal Vulnerability

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: User Meta Vendor URL: https://wordpress.org/plugins/user-meta Type: Relative Path Traversal CWE-23 Date found: 2022-02-28 Date published: 2022-05-24 CVSSv3 Score: 4.3...

CVSS 6.5, AI score 0.4, EPSS 0.02233
Exploits: 5
ATTACKERKB
added 2022/05/31 12:0 a.m., 4 views

CVE-2022-29097

Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application...

CVSS 4.9, AI score 6, EPSS 0.01209
Exploits: 0, References: 2
OSV
added 2022/05/20 1:15 p.m., 1 views

CVE-2022-29801

A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.13, Teamcenter V13.0 All versions V13.0.0.9. The application contains a XML External Entity Injection XXE vulnerability. This could allow an attacker to view files on the application server filesystem...

CVSS 7.5, AI score 7
Exploits: 0, References: 1
Cvelist
added 2022/05/17 3:55 p.m., 20 views

CVE-2022-24108

The Skyoftech So Listing Tabs module 2.2.0 for OpenCart allows a remote attacker to inject a serialized PHP object via the setting parameter, potentially resulting in the ability to write to files on the server, cause DoS, and achieve remote code execution because of deserialization of untrusted...

AI score 10, EPSS 0.32961
Exploits: 3, References: 4
OSV
added 2022/05/17 12:30 a.m., 16 views

GHSA-H2VQ-7GF2-QW9V Umbraco CMS XXE Vulnerability

XML external entity XXE vulnerability in Umbraco CMS before 7.7.3 allows attackers to obtain sensitive information by reading files on the server or sending TCP requests to intranet hosts aka SSRF, related to Umbraco.Web/umbraco.presentation/umbraco/dialogs/importDocumenttype.aspx.cs...

CVSS 5.5, AI score 5.2, EPSS 0.0106
Exploits: 0, References: 5
Huntr
added 2022/05/14 12:37 p.m., 43 views

Local file inclusion

Description https://app.diagrams.net/embed2.js?&fetch= is used to fetch data and I tried to perform SSRF by extracting Google Cloud metadata but was unable to do but I am still able to fetch server files like /etc/passwd. Proof of Concept 1. Visit https://app.diagrams.net/embed2.js?&fetch= 2. Ent...

CVSS 5, AI score 7.4, EPSS 0.0164
Exploits: 1