
27 matches found

Github Security Blog
added 2026/03/25 9:28 p.m. | 4 views

AVideo: Remote Code Execution via PHP Temp File in Encoder downloadURL

Summary: The downloadVideoFromDownloadURL function in objects/aVideoEncoder.json.php saves remote content to a web-accessible temporary directory using the original URL's filename and extension, including .php. By providing an invalid resolution parameter, an attacker triggers an early die via...

CVSS 8.8 | AI score 6.7 | EPSS 0.00067
Exploits: 1 | References: 4 | Affected Software: 1

OSV
added 2026/03/19 10:43 p.m. | 2 views

CVE-2026-29098 SuiteCRM has Relative Path Traversal via ModuleBuilder Modules ExportCustom Action

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Prior to versions 7.15.1 and 8.9.3, the actionexportCustom function in modules/ModuleBuilder/controller.php fails to properly neutralize path traversal sequences in the $modules and $name...

CVSS 4.9 | AI score 5.9 | EPSS 0.00077
Exploits: 0 | References: 4

RedhatCVE
added 2025/11/17 6:4 a.m. | 9 views

CVE-2016-15056

Ubee EVW3226 cable modem/routers firmware versions up to and including 1.0.20 store configuration backup files in the web root after they are generated for download. These backup files remain accessible without authentication until the next reboot. A remote attacker on the local network can reque...

CVSS 8.7 | AI score 6.5 | EPSS 0.00501
Exploits: 0 | References: 1

EUVD
added 2025/11/14 10:49 p.m. | 3 views

EUVD-2016-10800

Ubee EVW3226 cable modem/routers firmware versions up to and including 1.0.20 store configuration backup files in the web root after they are generated for download. These backup files remain accessible without authentication until the next reboot. A remote attacker on the local network can reque...

CVSS 8.7 | AI score 6.1 | EPSS 0.00501
Exploits: 0 | References: 6

Cvelist
added 2025/11/14 10:49 p.m. | 7 views

CVE-2016-15056 Ubee EVW3226 Unauthenticated Backup File Disclosure

Ubee EVW3226 cable modem/routers firmware versions up to and including 1.0.20 store configuration backup files in the web root after they are generated for download. These backup files remain accessible without authentication until the next reboot. A remote attacker on the local network can reque...

CVSS 8.7 | EPSS 0.00501
Exploits: 0 | References: 5

Vulnrichment
added 2025/11/14 10:49 p.m. | 5 views

CVE-2016-15056 Ubee EVW3226 Unauthenticated Backup File Disclosure

Ubee EVW3226 cable modem/routers firmware versions up to and including 1.0.20 store configuration backup files in the web root after they are generated for download. These backup files remain accessible without authentication until the next reboot. A remote attacker on the local network can reque...

CVSS 8.7 | AI score 6.2 | EPSS 0.00501
Exploits: 0 | References: 5

CNNVD
added 2025/11/14 12:0 a.m. | 3 views

Ubee EVW3226 Security Vulnerability

The Ubee EVW3226 is a WiFi router from Ubee Corporation of Taiwan, China. A security vulnerability exists in the Ubee EVW3226 version 1.0.20 and earlier, which stems from a configuration backup file being stored in the web root directory and unencrypted, which could lead to the disclosure of...

CVSS 8.7 | AI score 6.2 | EPSS 0.00501
Exploits: 0 | References: 7

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2005-0230

Malware in sbrugna...

CVSS 5 | AI score 6.4 | EPSS 0.09876
Exploits: 1 | References: 7

Vulnrichment
added 2025/08/27 8:0 a.m. | 2 views

CVE-2021-4459 SMA: Directory Traversal in Sunny Boy <3.10.27.R

An authorized remote attacker can access files and directories outside the intended web root, potentially exposing sensitive system information of the affected Sunny Boy devices...

CVSS 6.5 | AI score 7 | EPSS 0.00094
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 8:59 p.m. | 2 views

CVE-2021-20148

ManageEngine ADSelfService Plus below build 6116 stores the password policy file for each domain under the html/ web root with a predictable filename based on the domain name. When ADSSP is configured with multiple Windows domains, a user from one domain can obtain the password policy for another...

CVSS 4.3 | AI score 7 | EPSS 0.00284
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/21 9:1 p.m. | 5 views

CVE-2005-2325

Clever Copy 2.0 and 2.0a allows remote attackers to obtain the full path of the web root via a direct request to (1) ticker.php, (2) menu.php, (3) banned.php, (4) endlayout.php, (5) randomhlinesblock.php, (6) showlast.php, (7) showlast5class1.php, (8) showlast5phorum.php, (9) showlast5phorumblock.php, (10)...

CVSS 5 | AI score 7 | EPSS 0.00362
Exploits: 1 | References: 1

OSV
added 2024/07/02 4:15 p.m. | 1 views

CVE-2024-5866

Vulnerability in Delinea Centrify PAS v. 21.3 and possibly others. The application is prone to the path traversal vulnerability allowing listing of arbitrary directory outside the root directory of the web application. Versions 23.1-HF7 and on have the patch...

CVSS 4.3 | AI score 5.9
Exploits: 0 | References: 1

CNNVD
added 2023/12/06 12:0 a.m. | 2 views

Mattermost Injection Vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a security vulnerability that stems from an inability to validate the route parameter in //channels/. An attacker exploiting this vulnerability could access files and directorie...

CVSS 9.8 | AI score 9 | EPSS 0.00464
Exploits: 0 | References: 2

CNNVD
added 2023/04/25 12:0 a.m. | 1 views

Git Path Traversal Vulnerability

Git is a free, open source distributed version control system. Git suffers from a path traversal vulnerability. An attacker could use this vulnerability to access files and directories stored outside the web root folder. The following versions are affected: 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8,...

CVSS 7.5 | AI score 8.1 | EPSS 0.03559
Exploits: 0 | References: 20

SUSE CVE
added 2023/02/15 6:14 a.m. | 2 views

SUSE CVE-2006-5117

phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via direct requests for certain files...

CVSS 5 | AI score 6.7 | EPSS 0.00463
Exploits: 0 | References: 4

SUSE CVE
added 2023/02/15 6:8 a.m. | 2 views

SUSE CVE-2008-1291

ViewVC before 1.0.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read files and list folders under the hidden CVSROOT folder...

CVSS 4.3 | AI score 6.7 | EPSS 0.00662
Exploits: 0 | References: 4

SUSE CVE
added 2023/02/15 5:44 a.m. | 2 views

SUSE CVE-2012-4747

Bugzilla 2.x and 3.x through 3.6.11, 3.7.x and 4.0.x before 4.0.8, 4.1.x and 4.2.x before 4.2.3, and 4.3.x before 4.3.3 stores potentially sensitive information under the web root with insufficient access control, which allows remote attackers to read (1) template (aka .tmpl) files, (2) other custom...

CVSS 5 | AI score 6.5 | EPSS 0.0026
Exploits: 1 | References: 3

CNNVD
added 2021/07/07 12:0 a.m. | 4 views

WordPress Path Traversal Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A path traversal vulnerability exists in WordPress Ninja Team Video Downloader for TikTok, which ste...

CVSS 7.5 | AI score 7.4 | EPSS 0.00913
Exploits: 0 | References: 2

OSV
added 2017/12/20 6:29 p.m. | 0 views

CVE-2017-15532

Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack (also known as directory traversal). These types of attacks aim to access files and directories that are stored outside the web root folder. By manipulating variables, it may be possible to access arbitrary...

CVSS 5.7 | AI score 5.9
Exploits: 0 | References: 2

ATTACKERKB
added 2009/01/22 4:30 p.m. | 0 views

CVE-2009-0250

Ryneezy phoSheezy 0.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the file containing the administrator's password hash via a direct request for config/password...

CVSS 5 | AI score 5.4 | EPSS 0.05992
Exploits: 0 | References: 6