88 matches found
MapTiler Tileserver-php v2.0 - Unauthenticated File Read
MapTiler Tileserver-php v2.0 contains a directory traversal caused by improper sanitization of GET parameters in renderTile function, letting attackers read arbitrary files on the server, exploit requires crafted web requests id: CVE-2025-44137 info: name: MapTiler Tileserver-php v2.0 -...
CVE-2026-9282 W3 Total Cache <= 2.9.4 - Unauthenticated Arbitrary File Read via 'f_array[]' Parameter
The W3 Total Cache plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.9.4 via the setupSources function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive...
CVE-2026-47896 Apache Lucene.Net: Unauthenticated arbitrary file read on the Lucene.Net.Replicator replication server
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Lucene.Net Lucene.Net.Replicator library. This issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 through 4.8.0-beta00017. Users are recommended to upgrade to version 4.8.0-beta00018...
CVE-2026-8023
CVE-2026-8023 concerns Zephyr’s HTTP server static-filesystem resource handler, where HTTP/1 and HTTP/2 front-ends copied the raw request path into a buffer without removing dot segments. This allowed path traversal to escape the configured web root and read arbitrary files after the filesystem r...
CVE-2026-8023 Path traversal in Zephyr HTTP server static-filesystem resource handler allows unauthenticated remote arbitrary file read
Zephyr's HTTP server subsys/net/lib/http provides a static-filesystem resource type HTTPRESOURCETYPESTATICFS, available when CONFIGFILESYSTEM is enabled that serves files from a configured root directory. Before this fix, both the HTTP/1 and HTTP/2 front-ends placed the raw, attacker-controlled...
CVE-2026-54066 SiYuan: Path Traversal via Double URL Encoding in /assets/*path (publish mode arbitrary file─read)
SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the patch for CVE-2026-41894 "Path Traversal via Double URL Encoding" sanitized the /export/ route but the identical root cause remains in the /assets/path route. In publish mode anonymous read-only HTTP endpoint,...
CVE-2026-54066 SiYuan: Path Traversal via Double URL Encoding in /assets/*path (publish mode arbitrary file─read)
SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the patch for CVE-2026-41894 "Path Traversal via Double URL Encoding" sanitized the /export/ route but the identical root cause remains in the /assets/path route. In publish mode anonymous read-only HTTP endpoint,...
CVE-2026-54317
Insight (CVE-2026-54317): The Home Assistant Konnected integration exposes an unauthenticated GET endpoint (/api/konnected/device/{device_id}) that reveals alarm-panel state and topology on the LAN. Write operations (POST/PUT) enforce a Bearer token against configured access tokens, but GET reque...
GHSA-64CJ-QVX5-M4F3 Nhost CLI local configserver allows cross-origin unauthenticated read/write access to local development configuration and secrets
Summary The hidden nhost configserver used by nhost dev exposes the Mimir GraphQL API with dummy authorization directives and permissive CORS. When a developer is running the local development environment, any process that can reach the developer's localhost service, including a web page loaded...
CVE-2022-31231
Dell ECS, versions 3.5 and 3.6, contain an Improper Access Control in the Identity and Access Management IAM module. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to gaining read access to unauthorized data...
Exploit for Path Traversal in Mikrotik Routeros
Ferramentas de Pentest — /rede Repositório de scripts para au...
CVE-2021-47977 WordPress Anti-Malware Security Bruteforce Firewall <= 4.20.72 Directory Traversal
WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the file parameter. Attackers can send requests to the duplicatordownload action via admin-ajax.php wit...
CVE-2021-47942
Home Assistant Community Store HACS prior to 1.10.0 contains a path traversal vulnerability that allows unauthenticated attackers to read sensitive files by traversing directories via the /hacsfiles/ endpoint. Attackers can retrieve the .storage/auth file containing user credentials and refresh...
CVE-2021-47942
CVE-2021-47942 concerns Home Assistant Community Store (HACS) 1.10.0. The vulnerability is a path traversal flaw exposed via the /hacsfiles/ endpoint, allowing unauthenticated attackers to read sensitive files (notably .storage/auth) and retrieve credentials/refresh tokens. With this access, an a...
PT-2026-41449
Name of the Vulnerable Software and Affected Versions Home Assistant Community Store HACS version 1.10.0 Description A path traversal issue allows unauthenticated attackers to read sensitive files by traversing directories via the '/hacsfiles/' endpoint. This can be used to retrieve the...
BIT-JRE-2020-14796
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
BIT-JAVA-MIN-2020-14581
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocol...
Exploit for PHP Remote File Inclusion in Synacor Zimbra_Collaboration_Suite
CVE-2025-68645 - Zimbra Path Traversal Vulnerability !Secur...
CVE-2026-40595 Chartbrew: Incorrect Access Control in public chart and export routes via missing onReport and SharePolicy checks
Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew exposes public chart retrieval and export routes that only verify project-level public access and, for exports, a team-level export toggle. Th...
chartbrew 访问控制错误漏洞
Chartbrew is an open-source data visualization and dashboard-building tool developed by Chartbrew. Version 4.9.0 of Chartbrew contains a access control vulnerability. This vulnerability arises from the fact that the routes for retrieving and exporting public charts only verify project-level publi...