CVE-2026-42048

Langflow prior to 1.9.0 is vulnerable to path traversal in the Knowledge Bases API (DELETE /api/v1/knowledge_bases) due to user-supplied kb_names being concatenated into file paths. The issue stems from building paths manually and passing them to deletion without proper normalization, enabling an...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the IO::FS::WRITE function. An attacker can write arbitrary files to unintended locations on the filesystem with attacker-controlled content by supplying crafted filenames containing traversal sequences, which ar...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the IO::FS::WRITE function. An attacker can write arbitrary files to unintended locations on the filesystem with attacker-controlled content by supplying crafted filenames containing traversal sequences, which ar...

Xenforo 安全漏洞

Xenforo is a forum software developed by the Xenforo company. Versions of XenForo prior to 2.3.7 contained security vulnerabilities. These vulnerabilities stemmed from abnormal messages triggered by the openbasedir limitation, which allowed the leakage of file system paths. This could potentially...

CVE-2026-3339 Keep Backup Daily <= 2.1.1 - Authenticated (Admin+) Limited Path Traversal via 'kbd_path' Parameter

The Keep Backup Daily plugin for WordPress is vulnerable to Limited Path Traversal in all versions up to, and including, 2.1.1 via the kbdopenuploaddir AJAX action. This is due to insufficient validation of the kbdpath parameter, which is only sanitized with sanitizetextfield - a function that do...

CVE-2026-3339

The CVE-2026-3339 entry affects the Keep Backup Daily plugin for WordPress (versions ≤ 2.1.1). It enables a Limited Path Traversal via the kbd_open_upload_dir AJAX action because kbd_path is only sanitized with sanitize_text_field(), which does not remove traversal sequences. An authenticated att...

CVE-2026-3864 CSI Driver for NFS path traversal via subDir may delete unintended directories on the NFS server

A vulnerability was discovered in the Kubernetes CSI Driver for NFS where the subDir parameter in volume identifiers was insufficiently validated. Attackers with the ability to create PersistentVolumes referencing the NFS CSI driver could craft volume identifiers containing path traversal sequenc...

Directory Traversal

Swing Music is vulnerable to Directory Traversal. The vulnerability is due to insufficient path validation in the listfolders function of the /folder/dir-browser endpoint, which allows an authenticated attacker to traverse the filesystem and browse arbitrary directories on the server...

CVE-2026-23877 Directory Traversal & Filesystem can be accessed by a non-admin user

Swing Music is a self-hosted music player for local audio files. Prior to version 2.1.4, Swing Music's listfolders function in the /folder/dir-browser endpoint is vulnerable to directory traversal attacks. Any authenticated user including non-admin can browse arbitrary directories on the server...

CVE-2020-10579

A directory traversal on the /admin/sysmon.php script of Invigo Automatic Device Management ADM through 5.0 allows remote attackers to list the content of arbitrary server directories accessible to the user running the application...

PT-2026-1404

Name of the Vulnerable Software and Affected Versions FastDup – Fastest WordPress Migration & Duplicator plugin versions prior to 2.7 Description The FastDup plugin for WordPress has a path traversal issue affecting versions up to 2.7. Authenticated attackers with Contributor-level access or high...

CVE-2025-68430 CVAT vulnerable to directory traversal via mounted share listing

CVAT is an open source interactive video and image annotation tool for computer vision. In versions 2.8.1 through 2.52.0, an attacker with an account on a CVAT instance is able to retrieve the contents of any file system directory accessible to the CVAT server. The exposed information is names of...

CVAT.ai CVAT 安全漏洞

CVAT.ai CVAT is an open source data processing tool from CVAT.ai. A security vulnerability exists in CVAT.ai CVAT versions 2.8.1 through 2.52.0 that originates from an attacker being able to retrieve the contents of any file system directory accessible by the CVAT server, potentially leading to a...

CVE-2025-13891 Image Gallery – Photo Grid & Video Gallery (Modula) <= 2.13.3 - Missing Authorization to Arbitrary Directory Listing

The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.13.3. This is due to the modulalistfolders AJAX endpoint that lacks proper path validation and base directory restrictions. While the endpoint verifies user...

EUVD-2025-203051

The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.13.3. This is due to the modulalistfolders AJAX endpoint that lacks proper path validation and base directory restrictions. While the endpoint verifies user...

EUVD-2020-3030

Malware in sbrugna...

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview org.apache.zeppelin:zeppelin-server is a web-based notebook that enables interactive data analytics. You can make beautiful data-driven, interactive and collaborative documents with SQL, Scala and more. Affected versions of this package are vulnerable to Exposure of Sensitive System...

Studio 42 elFinder vulnerable to Incorrect Access Control

Studio 42 elFinder 2.1.64 is vulnerable to Incorrect Access Control. Copying files with an unauthorized extension between server directories allows an arbitrary attacker to expose secrets, perform RCE, etc...

CVE-2024-38909

Studio 42 elFinder 2.1.64 is vulnerable to Incorrect Access Control. Copying files with an unauthorized extension between server directories allows an arbitrary attacker to expose secrets, perform RCE, etc...

CVE-2024-38909

Studio 42 elFinder 2.1.64 is vulnerable to Incorrect Access Control. Copying files with an unauthorized extension between server directories allows an arbitrary attacker to expose secrets, perform RCE, etc...