Lucene search
+L

7 matches found

euvd
euvd
added 2026/03/06 3:31 p.m.9 views

EUVD-2018-21636

Musicco 2.0.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary directories by manipulating the parent parameter. Attackers can supply directory traversal sequences in the parent parameter of the getAlbum endpoint to access sensitive system...

8.7CVSS5.9AI score0.00632EPSS
Exploits0References3
cvelist
cvelist
added 2026/03/06 12:19 p.m.30 views

CVE-2018-25181 Musicco 2.0.0 Arbitrary Directory Download via Path Traversal

Musicco 2.0.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary directories by manipulating the parent parameter. Attackers can supply directory traversal sequences in the parent parameter of the getAlbum endpoint to access sensitive system...

8.7CVSS0.00632EPSS
Exploits0References2
cvelist
cvelist
added 2021/11/23 7:15 p.m.47 views

CVE-2021-41281 Path traversal in Matrix Synapse

Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory. No authentication is required for the affected endpoint. T...

7.5CVSS7.9AI score0.01514EPSS
Exploits0References5
zdt
zdt
added 2018/11/14 12:0 a.m.127 views

Musicco 2.0.0 - Arbitrary Directory Download Vulnerability

Exploit for php platform in category web applications Exploit Title: Musicco 2.0.0 - Arbitrary Directory Download Exploit Author: Ihsan Sencan Vendor Homepage: https://www.musicco.app/ Software Link: https://codeload.github.com/micser/musicco/zip/master Version: 2.0.0 Category: Webapps Tested on:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/11/13 12:0 a.m.79 views

Musicco 2.0.0 - Arbitrary Directory Download

Exploit Title: Musicco 2.0.0 - Arbitrary Directory Download Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.musicco.app/ Software Link: https://codeload.github.com/micser/musicco/zip/master Version: 2.0.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE:...

7AI score
Exploits0
packetstorm
packetstorm
added 2018/11/13 12:0 a.m.175 views

Musicco 2.0.0 Arbitrary Directory Download

Exploit Title: Musicco 2.0.0 - Arbitrary Directory Download Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.musicco.app/ Software Link: https://codeload.github.com/micser/musicco/zip/master Version: 2.0.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE:...

7.4AI score
Exploits0
patchstack
patchstack
added 2017/07/14 12:0 a.m.10 views

WordPress Download Plugin <= 1.0.1 - Arbitrary Directory Download Vulnerability

Arbitrary Directory Download Vulnerability was found in WordPress Download Plugin in 1.0.1 version. There's no restriction against directory download in the dpwapdownload function. It's a very serious vulnerability because an attacker can download the whole site directory. Update the plugin as so...

4.7AI score
Exploits0References2Affected Software1
Rows per page
Query Builder