CVE-2024-58312

CVE-2024-58312 affects xbtitFM 4.1.18: a path traversal vulnerability in nfogen.php allows unauthenticated attackers to read sensitive system files by manipulating URL parameters, including encoded traversal characters. Root cause: directory traversal in HTTP parameter handling. Impact: potential...

CVE-2024-58310

The CVE-2024-58310 entry describes a path traversal vulnerability in the APC Network Management Card 4. Affected component is the device’s web interface, where manipulating URL parameters allows unauthenticated attackers to read sensitive files (e.g., /etc/passwd) via directory traversal techniqu...

CVE-2024-58286 dizqueTV 1.5.3 Remote Code Execution via FFMPEG Executable Path

dizqueTV 1.5.3 contains a remote code execution vulnerability that allows attackers to inject arbitrary commands through the FFMPEG Executable Path settings. Attackers can modify the executable path with shell commands to read system files like /etc/passwd by exploiting improper input validation...

CVE-2024-58286

CVE-2024-58286 affects dizqueTV 1.5.3. The flaw allows remote code execution by altering the FFMPEG Executable Path via improper input validation, enabling shell commands to read files (e.g., /etc/passwd). Public details across sources confirm the component and impact but do not provide a confirm...

CVE-2025-9056

Unprotected service in the AudioLink component allows a local attacker to overwrite system files via unauthorized service invocation...

xbtitFM 路径遍历漏洞

xbtitFM is a BitTorrent tracker software by the individual developer of xbtitFM. A path traversal vulnerability exists in xbtitFM version 4.1.18, which stems from the presence of a path traversal in the URL parameter that could lead to the reading of sensitive system files...

PT-2025-50763

Name of the Vulnerable Software and Affected Versions xbtitFM version 4.1.18 Description xbtitFM 4.1.18 contains a path traversal issue that allows unauthenticated attackers to access sensitive system files. Attackers can manipulate URL parameters using directory traversal techniques, such as...

EUVD-2025-202391

Unprotected service in the AudioLink component allows a local attacker to overwrite system files via unauthorized service invocation...

CVE-2025-9056

Unprotected service in the AudioLink component allows a local attacker to overwrite system files via unauthorized service invocation...

CVE-2025-9056

Unprotected service in the AudioLink component allows a local attacker to overwrite system files via unauthorized service invocation...

CVE-2025-9056

Unprotected service in the AudioLink component allows a local attacker to overwrite system files via unauthorized service invocation...

CVE-2025-9056

CVE-2025-9056 describes an unprotected service in the AudioLink component that allows a local attacker to overwrite system files via unauthorized service invocation. The issue is documented across multiple feeds (NVD, Red Hat, EUVD, CIRCL, CNNVD, etc.) with consistent description. Affected compon...

Tecno AudioLink 安全漏洞

Tecno AudioLink is an audio linking software in cell phones from the Chinese company Tecno. A security vulnerability exists in Tecno AudioLink, which stems from insufficient protection of the AudioLink component service and could allow a local attacker to overwrite system files...

PT-2025-50303

Unprotected service in the AudioLink component allows a local attacker to overwrite system files via unauthorized service invocation...

EUVD-2021-34724

STVS ProVision 5.9.10 contains a path traversal vulnerability that allows authenticated attackers to access arbitrary files by manipulating the files parameter in the archive download functionality. Attackers can send GET requests to /archive/download with directory traversal sequences to read...

CVE-2023-53772

MiniDVBLinux 5.4 contains an arbitrary file disclosure vulnerability that allows attackers to read sensitive system files through the 'file' GET parameter. Attackers can exploit the about page by supplying file paths to disclose arbitrary file contents on the affected device...

CVE-2021-47724

STVS ProVision 5.9.10 contains a path traversal vulnerability that allows authenticated attackers to access arbitrary files by manipulating the files parameter in the archive download functionality. Attackers can send GET requests to /archive/download with directory traversal sequences to read...

CVE-2025-14253

Vitals ESP developed by Galaxy Software Services has an Arbitrary File Read vulnerability, allowing privileged remote attackers to exploit Absolute Path Traversal to download arbitrary system files...

PT-2025-50269

Name of the Vulnerable Software and Affected Versions MiniDVBLinux version 5.4 Description MiniDVBLinux version 5.4 contains a flaw that allows attackers to read sensitive system files. This is possible through the 'file' GET parameter on the about page, enabling disclosure of arbitrary file...

CVE-2025-13771

WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...