179 matches found
CVE-2026-29871
A path traversal vulnerability exists in the awesome-llm-apps project in commit e46690f99c3f08be80a9877fab52acacf7ab8251 2026-01-19 in the Beifong AI News and Podcast Agent backend in FastAPI backend, stream-audio endpoint, in file routers/podcastrouter.py, in function streamaudio. The stream-aud...
CVE-2026-33238
WWBN AVideo is an open source video platform. Prior to version 26.0, the listFiles.json.php endpoint accepts a path POST parameter and passes it directly to glob without restricting the path to an allowed base directory. An authenticated uploader can traverse the entire server filesystem by...
CVE-2026-33238 AVideo has a Path Traversal in listFiles.json.php that Enables Server Filesystem Enumeration
WWBN AVideo is an open source video platform. Prior to version 26.0, the listFiles.json.php endpoint accepts a path POST parameter and passes it directly to glob without restricting the path to an allowed base directory. An authenticated uploader can traverse the entire server filesystem by...
CVE-2026-33238
The connected GitHub advisory describes a path traversal in AVideo’s listFiles.json.php where an authenticated user with canUpload can pass an arbitrary path to glob(), returning full absolute paths to MP4 files anywhere on the server. This enables enumeration of web-root, private/premium content...
CVE-2026-33238 AVideo has a Path Traversal in listFiles.json.php that Enables Server Filesystem Enumeration
WWBN AVideo is an open source video platform. Prior to version 26.0, the listFiles.json.php endpoint accepts a path POST parameter and passes it directly to glob without restricting the path to an allowed base directory. An authenticated uploader can traverse the entire server filesystem by...
CVE-2026-33238 AVideo has a Path Traversal in listFiles.json.php that Enables Server Filesystem Enumeration
WWBN AVideo is an open source video platform. Prior to version 26.0, the listFiles.json.php endpoint accepts a path POST parameter and passes it directly to glob without restricting the path to an allowed base directory. An authenticated uploader can traverse the entire server filesystem by...
GHSA-4WMM-6QXJ-FPJ4 AVideo has a Path Traversal in listFiles.json.php Enables Server Filesystem Enumeration
Summary The listFiles.json.php endpoint accepts a path POST parameter and passes it directly to glob without restricting the path to an allowed base directory. An authenticated uploader can traverse the entire server filesystem by supplying arbitrary absolute paths, enumerating .mp4 filenames and...
PT-2026-26301
Summary The listFiles.json.php endpoint accepts a path POST parameter and passes it directly to glob without restricting the path to an allowed base directory. An authenticated uploader can traverse the entire server filesystem by supplying arbitrary absolute paths, enumerating .mp4 filenames and...
Camaleon CMS vulnerable to Path Traversal through AWS S3 uploader implementation
Camaleon CMS versions 2.4.5.0 through 2.9.1, prior to commit f54a77e, contain a path traversal vulnerability in the AWS S3 uploader implementation that allows authenticated users to read arbitrary files from the web server’s filesystem. The issue occurs in the downloadprivatefile functionality wh...
Camaleon CMS vulnerable to Path Traversal through AWS S3 uploader implementation
Camaleon CMS versions 2.4.5.0 through 2.9.1, prior to commit f54a77e, contain a path traversal vulnerability in the AWS S3 uploader implementation that allows authenticated users to read arbitrary files from the web server’s filesystem. The issue occurs in the downloadprivatefile functionality wh...
CVE-2026-30869 SiYuan has a Path Traversal in /export Endpoint Allows Arbitrary File Read and Secret Leakage
SiYuan is a personal knowledge management system. Prior to 3.5.10, a path traversal vulnerability in the /export endpoint allows an attacker to read arbitrary files from the server filesystem. By exploiting double‑encoded traversal sequences, an attacker can access sensitive files such as...
CVE-2026-24849
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, the disposeDocument method in EtherFaxActions.php allows authenticated users to read arbitrary files from the server filesystem. Any authenticated user regardless of...
CVE-2026-24849
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, the disposeDocument method in EtherFaxActions.php allows authenticated users to read arbitrary files from the server filesystem. Any authenticated user regardless of...
PT-2026-20920
Name of the Vulnerable Software and Affected Versions Penpot versions prior to 2.13.2 Description Penpot is an open-source design and code collaboration tool. An authenticated user with team edit permissions can read arbitrary files from the server. This is achieved by providing a local file path...
CVE-2026-25895 FUXA Unauthenticated Remote Code Execution via Arbitrary File Write in Upload API
FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. A path traversal vulnerability in FUXA allows an unauthenticated, remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This affects FUXA through version 1.2.9. This issue has been patched ...
CVE-2026-25951
FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. Prior to 1.2.11, there is a flaw in the path sanitization logic allows an authenticated attacker with administrative privileges to bypass directory traversal protections. By using nested traversal sequences e.g., ....//, an...
CVE-2026-25951
FUXA (web-based Process Visualization) before version 1.2.11 has a flaw in path sanitization that lets an authenticated administrator bypass directory traversal protections by using nested traversal sequences (e.g., ....//). This enables writing arbitrary files to the server filesystem (including...
PT-2026-7186
Name of the Vulnerable Software and Affected Versions FUXA versions through 1.2.9 Description FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. A path traversal issue allows an unauthenticated, remote attacker to write arbitrary files to arbitrary locations on the server...
CVE-2020-37078 i-doit Open Source CMDB 1.14.1 - Arbitrary File Deletion
i-doit Open Source CMDB 1.14.1 contains a file deletion vulnerability in the import module that allows authenticated attackers to delete arbitrary files by manipulating the deleteimport parameter. Attackers can send a POST request to the import module with a crafted filename to remove files from...
PT-2026-5829
i-doit Open Source CMDB 1.14.1 contains a file deletion vulnerability in the import module that allows authenticated attackers to delete arbitrary files by manipulating the delete import parameter. Attackers can send a POST request to the import module with a crafted filename to remove files from...