Lucene search
K

906 matches found

Nuclei
Nuclei
added 18 hours ago21 views

Schneider Electric Pelco VideoXpert Enterprise 2.0 - Path Traversal

Schneider Electric Pelco VideoXpert Enterprise versions 2.0 and prior contain a directory traversal caused by insufficient input validation, letting unauthorized persons view web server files, exploit requires no authentication. id: CVE-2017-9965 info: name: Schneider Electric Pelco VideoXpert...

5.8CVSS6.6AI score0.04612EPSS
Exploits1References4
Nuclei
Nuclei
added 18 hours ago11 views

System Dashboard < 2.8.15 - Admin+ Path Traversal

The System Dashboard WordPress plugin before 2.8.15 does not validate user input used in a path, which could allow high privilege users such as admin to perform path traversal attacks an read arbitrary files on the server id: CVE-2024-10708 info: name: System Dashboard 2.8.15 - Admin+ Path...

4.9CVSS7.1AI score0.0203EPSS
Exploits1References3
NVD
NVD
added 2 days ago6 views

CVE-2026-11426

The UnderConstructionPage PRO plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 5.76. This is due to the plugin accepting arbitrary local file paths in the templatethumbnail parameter and copying their contents into a publicly accessible uploads file...

6.5CVSS0.00308EPSS
Exploits0References2
NVD
NVD
added 3 days ago7 views

CVE-2026-55469

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, an authenticated user with import and assets.update permissions can place a path traversal string in an asset image field through CSV import and then trigger image deletion, allowing deletion of arbitrary files accessible to the...

6.5CVSS0.00378EPSS
Exploits0References3
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-55469 Snipe-IT: Path traversal vulnerability via CSV import `image` field

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, an authenticated user with import and assets.update permissions can place a path traversal string in an asset image field through CSV import and then trigger image deletion, allowing deletion of arbitrary files accessible to the...

6.5CVSS0.00378EPSS
Exploits0References3
Cvelist
Cvelist
added 4 days ago27 views

CVE-2026-51925

A Local File Inclusion LFI vulnerability exists in docuForm GmbH Client v.11.11c that allows a remote attacker to execute arbitrary code via the dfm-menureport.php component. Attackers can exploit this flaw to read arbitrary files on the server, including sensitive configuration files, source cod...

0.00322EPSS
Exploits0References2
CVE
CVE
added 4 days ago8 views

CVE-2026-51925

CVE-2026-51925 affects docuForm GmbH Client v11.11c. A Local File Inclusion flaw in the dfm-menu_report.php component allows an attacker to read arbitrary server files (e.g., system/configuration files, source code) and potentially execute arbitrary code. The PT-Security entry confirms the affect...

8.1CVSS6.3AI score0.00322EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-51925

A Local File Inclusion LFI vulnerability exists in docuForm GmbH Client v.11.11c that allows a remote attacker to execute arbitrary code via the dfm-menureport.php component. Attackers can exploit this flaw to read arbitrary files on the server, including sensitive configuration files, source cod...

8.1CVSS6.3AI score0.00322EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/06 2:26 p.m.4 views

CVE-2026-59152

LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to 0.8.18, an attacker who can send an HTTP request to a server running the LangSmith SDK's TracingMiddleware can cause that server to read an arbitrary file from its local filesystem and upload the contents to...

5CVSS6AI score0.00174EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/07/03 6:16 a.m.8 views

CVE-2026-14352

The AR for WooCommerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 8.40 via the 'file' parameter parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive...

7.5CVSS0.00473EPSS
Exploits0References7
NVD
NVD
added 2026/07/01 7:16 p.m.9 views

CVE-2026-58451

Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix in img src URLs. Attackers can bypass the stripos prefix validatio...

7.1CVSS0.00379EPSS
Exploits0References7
OSV
OSV
added 2026/07/01 7:16 p.m.4 views

UBUNTU-CVE-2026-58451

Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix in img src URLs. Attackers can bypass the stripos prefix validatio...

7.1CVSS5.9AI score0.00379EPSS
Exploits0References7
CVE
CVE
added 2026/07/01 6:16 p.m.23 views

CVE-2026-58451

CVE-2026-58451 concerns Horde IMP prior to 7.0.1. A path traversal flaw in lib/Compose.php enables an authenticated attacker to read arbitrary server files by inserting traversal sequences after the CKEditor path prefix in img src URLs. The issue circumvents prefix validation by appending travers...

7.1CVSS5.9AI score0.00379EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.10 views

PT-2026-53917

Name of the Vulnerable Software and Affected Versions OpenBMB ChatDev versions prior to commit 4fd4da6 Description An unauthenticated remote attacker can write or delete arbitrary files on the server filesystem. The issue occurs because the application fails to sanitize the multipart filename...

9.1CVSS6.1AI score0.00628EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/26 8:55 p.m.39 views

CVE-2026-49984 Kestra: Path traversal in `LocalStorage` allows any authenticated user to read arbitrary server files via the execution file-download API (`\..\` bypasses the `..` guard)

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.23, the local internal-storage backend validates user-supplied paths for .. traversal before it converts Windows-style backslashes to forward slashes. An attacker can therefore smuggle a traversal sequence past...

7.7CVSS0.00386EPSS
Exploits1References1
CVE
CVE
added 2026/06/26 8:55 p.m.19 views

CVE-2026-49984

CVE-2026-49984 – Kestra : A path traversal vulnerability in the LocalStorage backend allows any authenticated user who can view an execution to read arbitrary files on the server. Before patching, the LocalStorage path validator mishandles Windows-style backslashes, letting an attacker smuggle tr...

7.7CVSS6AI score0.00386EPSS
Exploits1References1Affected Software1
Snyk
Snyk
added 2026/06/19 10:10 p.m.10 views

Access of Resource Using Incompatible Type ('Type Confusion')

Overview langsmith is a Client library to connect to the LangSmith Observability and Evaluation Platform. Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type 'Type Confusion' via the file attachments handling. An attacker can access local files on the...

7.1CVSS6AI score0.00174EPSS
Exploits0References4
NVD
NVD
added 2026/06/17 5:17 p.m.15 views

CVE-2026-53872

picklescan before 0.0.35 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to read arbitrary server files by chaining io.FileIO and urllib.request.urlopen. Attackers can bypass RCE-focused blocklists to exfiltrate sensitive data like /etc/passwd to externa...

8.7CVSS0.00509EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.10 views

Neuron Golem OEE MES 路径遍历漏洞

Neuron Golem OEE MES is a manufacturing execution system and equipment integrated efficiency management platform developed by the Polish company Neuron. The Neuron Golem OEE MES has a path traversal vulnerability, which stems from a path traversal flaw. This vulnerability could allow attackers...

8.3CVSS5.8AI score0.00204EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.17 views

PT-2026-47722

Name of the Vulnerable Software and Affected Versions Slider Revolution versions prior to 7.0.11 Description The plugin is subject to sensitive information disclosure resulting from three design flaws. First, a valid backend AJAX nonce revslider actions is leaked to all authenticated users,...

6.5CVSS5.3AI score0.00252EPSS
Exploits0References8
Rows per page
Query Builder