EUVD-2025-199863

WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

Uniong WebITR 安全漏洞

Uniong WebITR is an online time and attendance system from China Kaifa Uniong. A security vulnerability exists in Uniong WebITR that originates from relative path traversal and allows remote attackers to download arbitrary system files...

PT-2025-48322

Name of the Vulnerable Software and Affected Versions WebITR affected versions not specified Description WebITR, developed by Uniong, contains an Arbitrary File Read issue stemming from Relative Path Traversal. Authenticated remote attackers can exploit this to download arbitrary system files. Th...

EUVD-2025-199678

Unauthenticated Arbitrary File Deletion upgradecontents.php in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform The deleteupgrade parameter allows unauthenticated deletion of arbitrary...

DB Electronica Mozart FM Transmitter 安全漏洞

The DB Electronica Mozart FM Transmitter is a line of professional-grade FM radio transmitters from the Italian company DB Electronica. A security vulnerability exists in DB Electronica Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, and 7000 that originates fr...

EUVD-2025-180548

IQ-Support developed by IQ Service International has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

CVE-2025-13161

IQ-Support (IQ Service International) is affected by CVE-2025-13161, describing an Unauthenticated Arbitrary File Read via Relative Path Traversal that allows downloading arbitrary system files. The available connected documents identify the vulnerable component as IQ-Support but do not specify a...

PT-2025-46939

Name of the Vulnerable Software and Affected Versions IQ-Support affected versions not specified Description IQ-Support, developed by IQ Service International, has an Arbitrary File Read issue. Unauthenticated remote attackers can exploit Relative Path Traversal to download arbitrary system files...

IQ Service IQ-Support 安全漏洞

IQ Service IQ-Support is an intelligent customer service system from IQ Service, Inc. of Taiwan, China. A security vulnerability exists in IQ Service IQ-Support that originates from relative path traversal and could allow an unauthenticated, remote attacker to download arbitrary system files...

CVE-2025-58463 Download Station

A relative path traversal vulnerability has been reported to affect Download Station. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following...

CVE-2025-20374

Technical details about CVE-2025-20374 are not publicly provided in the connected documents. Please monitor for updates from Cisco and Red Hat advisories for affected products, impact scope, and remediation.

Gladinet CentreStack and Triofox Files or Directories Accessible to External Parties Vulnerability

Gladinet CentreStack and Triofox contains a files or directories accessible to external parties vulnerability that allows unintended disclosure of system files...

CVE-2025-8385

The Zombify plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.7.5. This is due to insufficient input validation in the zfgetfilebyurl function. This makes it possible for authenticated attackers, with subscriber-level access and above, to read arbitrary...

CVE-2025-11898

Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

CVE-2025-11898

Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

CVE-2025-62156

Argo Workflows (versions

CVE-2025-9064 Rockwell Automation FactoryTalk View Machine Edition Path Traversal

A path traversal security issue exists within FactoryTalk View Machine Edition, allowing unauthenticated attackers on the same network as the device to delete any file within the panels operating system. Exploitation of this vulnerability is dependent on the knowledge of filenames to be deleted...

CVE-2025-42937

SAP Print Service SAPSprint performs insufficient validation of path information provided by users. An unauthenticated attacker could traverse to the parent directory and over-write system files causing high impact on confidentiality integrity and availability of the application...

CVE-2025-42937 Directory Traversal vulnerability in SAP Print Service

SAP Print Service SAPSprint performs insufficient validation of path information provided by users. An unauthenticated attacker could traverse to the parent directory and over-write system files causing high impact on confidentiality integrity and availability of the application...

CVE-2025-42937 Directory Traversal vulnerability in SAP Print Service

SAP Print Service SAPSprint performs insufficient validation of path information provided by users. An unauthenticated attacker could traverse to the parent directory and over-write system files causing high impact on confidentiality integrity and availability of the application...