CVE-2026-28265

Technical specifics (affected component/versions, root cause, exploit steps, or patch) are not publicly provided in the supplied documents. Monitor Dell PowerStore advisories and external sources for updates.

Yodinfo Mini Mouse path traversal vulnerability

Yodinfo Mini Mouse is a mobile remote control application developed by Yodinfo in China. The version 9.2.0 of Yodinfo Mini Mouse contains a path traversal vulnerability. This vulnerability arises due to specially crafted HTTP requests that allow for path traversal, potentially leading to access t...

CVE-2021-47755

Oliver Library Server v5 contains a file download vulnerability that allows unauthenticated attackers to access arbitrary system files through unsanitized input in the FileServlet endpoint. Attackers can exploit the vulnerability by manipulating the 'fileName' parameter to download sensitive file...

EUVD-2026-2777

Oliver Library Server v5 contains a file download vulnerability that allows unauthenticated attackers to access arbitrary system files through unsanitized input in the FileServlet endpoint. Attackers can exploit the vulnerability by manipulating the 'fileName' parameter to download sensitive file...

PHP Remote File Inclusion

Overview mpdf/mpdf is a PHP library generating PDF files from UTF-8 encoded HTML. Affected versions of this package are vulnerable to PHP Remote File Inclusion via the annotation file parameters. An attacker can access arbitrary system files by supplying crafted annotation content containing file...

CVE-2022-50897 mPDF 7.0 - Local File Inclusion

mPDF 7.0 contains a local file inclusion vulnerability that allows attackers to read arbitrary system files by manipulating annotation file parameters. Attackers can generate URL-encoded or base64 payloads to include local files through crafted annotation content with file path specifications...

mPDF 安全漏洞

mPDF is mPDF open source a library written in PHP for the use of HTML to PDF file conversion . mPDF version 7.0 there is a security vulnerability , the vulnerability stems from the annotation file parameters exist in the local file contains a vulnerability , which may lead to read arbitrary syste...

Uniong WebITR 安全漏洞

Uniong WebITR is an online time and attendance system from China Kaifa Uniong. A security vulnerability exists in Uniong WebITR that originates from relative path traversal and allows remote attackers to download arbitrary system files...

EUVD-2022-41605

Malicious code in bioql PyPI...

Uniong WebITR 安全漏洞

Uniong WebITR is an online time and attendance system from China Kaifa Uniong. A security vulnerability exists in Uniong WebITR that stems from vulnerability to absolute path traversal attacks, which could lead to a remote attacker downloading arbitrary system files...

WebITR 安全漏洞

WebITR is a poor attendance system from WebITR Corporation of Taiwan, China. A security vulnerability exists in WebITR that stems from vulnerability to absolute path traversal attacks, which could lead to a remote attacker downloading arbitrary system files...

Uniong WebITR 安全漏洞

Uniong WebITR is an online time and attendance system from China Kaifa Uniong. A security vulnerability exists in Uniong WebITR that stems from vulnerability to absolute path traversal attacks, which could lead to a remote attacker downloading arbitrary system files...

CVE-2019-15600

A Path traversal exists in httpserver which allows an attacker to read arbitrary system files...

GFI MailEssentials 安全漏洞

GFI MailEssentials is an email security suite from GFI that includes 14 anti-spam filters, 3 anti-virus engines, and malware scanning. A security vulnerability exists in GFI MailEssentials versions prior to 21.8, which stems from improper handling of XML external entities and could result in...

TRCore DVC path traversal vulnerability (CNVD-2024-46436)

TRCore DVC is a file insurance system from TRCore China. TRCore DVC suffers from a path traversal vulnerability that can be exploited by an attacker to read arbitrary system files...

CVE-2024-11310

The DVC from TRCore has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files...

CVE-2024-11309

The DVC from TRCore has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files...

CVE-2024-11310

CVE-2024-11310 affects the DVC from TRCore, describing a Path Traversal vulnerability that allows unauthenticated remote attackers to read arbitrary system files. Concrete details across connected sources identify the vulnerable component as TRCore’s DVC and confirm the impact as arbitrary file r...

CVE-2024-11309

TRCore DVC suffers a Path Traversal vulnerability due to improper path filtering, allowing unauthenticated remote attackers to read arbitrary system files. Affected: TRCore DVC versions up to 6.3. Remediation guidance in connected PT-2024-16900 recommends patching to newer versions and reviewing ...

CVE-2024-11067

The D-Link DSL6740C modem has a Path Traversal Vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files. Additionally, since the device's default password is a combination of the MAC address, attackers can obtain the MAC address through...