CVE-2026-41412
alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5-2606, the alf.io extension sandbox injects a fully-functional HTTP client simpleHttpClient into every extension script's scope. The postFileAndSaveResponse method accep...
CVE-2026-35718
A path traversal vulnerability in the /admin/downloadMedias.cgi endpoint of VIVOTEK INC FD8136-VVTK firmware 0300a allows authenticated attackers to read any file on the device by sending a crafted request...
CVE-2025-48977
Relative Path Traversal vulnerability in Apache Ignite REST API. Authenticated REST API users can read any file on the server with "cmd=log" command and a log path crafted in a certain way. This issue affects Apache Ignite: from 2.0.0 through 2.17.0. Users are recommended to upgrade to version...
Tassos Framework Plugin Access Control Error Vulnerability
The Tassos Framework Plugin is a Joomla extension and functionality enhancement framework developed by Tassos Marinos. The Tassos Framework Plugin has a security vulnerability related to access control, which allows users to delete any file on the affected site...
Bludit Code Issue Vulnerability
Bludit is an open-source, lightweight blog content management system developed by Bludit. Bludit has code vulnerabilities that allow authenticated attackers to upload any type of file, potentially leading to remote code execution...
CVE-2025-15433
The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server such as wp-config.php via a path traversal vector...
CVE-2026-27895 LAM has incorrect regular expression in PDF export component that allows user to upload files of any type
LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. Prior to version 9.5, the PDF export component does not correctly validate uploaded file extensions. This way any file type including .php files can be uploaded. With...
CVE-2025-14532
DobryCMS's upload file functionality allows an unauthenticated remote attacker to upload files of any type and extension without restriction, which can result in Remote Code Execution. This issue was fixed in versions above 5.0...
CVE-2025-14532
CVE-2025-14532 describes an unauthenticated file-upload flaw in DobryCMS that allows uploading files of any type/extension, enabling remote code execution. The NVD entry indicates a high-severity, network-accessible issue (CVSS v4.0-like metrics: base score 9.3; impacts to confidentiality, integr...
PT-2026-22581
Name of the Vulnerable Software and Affected Versions DobryCMS versions prior to 5.0 Description The software’s file upload functionality allows unauthenticated remote attackers to upload files of any type and extension without restriction. This can lead to Remote Code Execution. Recommendations...
CVE-2026-25475 OpenClaw Vulnerable to Local File Inclusion via MEDIA: Path Extraction
OpenClaw is a personal AI assistant. Prior to version 2026.1.30, the isValidMedia function in src/media/parse.ts allows arbitrary file paths including absolute paths, home directory paths, and directory traversal sequences. An agent can read any file on the system by outputting MEDIA:/path/to/fil...
CVE-2026-0496
SAP Fiori App Intercompany Balance Reconciliation allows an attacker with high privileges to upload any file including script files without proper file format validation. This has low impact on confidentiality, integrity and availability of the application...
CVE-2025-69992
phpgurukul News Portal Project V4.1 has File Upload Vulnerability via upload.php, which enables the upload of files of any format to the server without identity authentication...
CVE-2025-68155
The CVE concerns @vitejs/plugin-rsc (used with Vite) in development mode. Prior to version 0.5.8, the endpoint /__vite_rsc_findSourceMapURL accepts a file:// URL in the filename query parameter, converts it to a filesystem path, and reads the target file without validating its location, returning...
SUSE CVE-2025-66410
Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder...
CVE-2016-20023
In CKSource CKFinder before 2.5.0.1 for ASP.NET, authenticated users could download any file from the server if the correct path to a file was provided...
GHSA-JRHG-82W2-VVJ7 Gin-vue-admin has an arbitrary file deletion vulnerability
Impact: Attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder. The affected code: Affected interfaces: /api/fileUploadAndDownload/removeChunk POC: You can specify the...
EUVD-2022-47288
Malicious code in bioql PyPI...