6 matches found

OSV
added 2026/05/19 3:38 p.m., 5 views

GHSA-C656-JCX2-7PQJ zrok copy writes attacker-controlled WebDAV paths outside the destination root

Summary: Alice runs zrok2 copy from a WebDAV or zrok drive controlled by Bob into a local filesystem target. Bob returns a DAV href such as /../outside.txt. The sync pipeline stores that path in the source inventory and passes it to FilesystemTarget.WriteStream, which joins it with the target root...

CVSS 8.3, AI score 5.8
Exploits: 0, References: 2
Prion
added 2022/10/11 9:15 p.m., 15 views

Input validation

SAP Manufacturing Execution - versions 15.1, 15.2, 15.3, allows an attacker to exploit insufficient validation of a file path request parameter. The intended file path can be manipulated to allow arbitrary traversal of directories on the remote server. The file content within each directory can b...

CVSS 5, AI score 7.3, EPSS 0.03739
Exploits: 0, References: 3, Affected Software: 1
Cvelist
added 2022/10/11 12:0 a.m., 14 views

CVE-2022-39802

SAP Manufacturing Execution - versions 15.1, 15.2, 15.3, allows an attacker to exploit insufficient validation of a file path request parameter. The intended file path can be manipulated to allow arbitrary traversal of directories on the remote server. The file content within each directory can b...

AI score 7.6, EPSS 0.03739
Exploits: 0, References: 3
exploitpack
added 2019/03/21 12:0 a.m., 43 views

Rails 5.2.1 - Arbitrary File Content Disclosure

Rails 5.2.1 - Arbitrary File Content Disclosure ''' Exploit Title: File Content Disclosure on Rails Date: CVE disclosed 3/16 today's date is 3/20 Exploit Author: NotoriousRebel Vendor Homepage: https://rubyonrails.org/ Software Link: https://github.com/rails/rails Version: Versions Affected: all...

CVSS 5, EPSS 0.94318
Exploits: 18
Exploit DB
added 2019/03/21 12:0 a.m., 66 views

Rails 5.2.1 - Arbitrary File Content Disclosure

''' Exploit Title: File Content Disclosure on Rails Date: CVE disclosed 3/16 today's date is 3/20 Exploit Author: NotoriousRebel Vendor Homepage: https://rubyonrails.org/ Software Link: https://github.com/rails/rails Version: Versions Affected: all Fixed Versions: 6.0.0.beta3, 5.2.2.1, 5.1.6.2,...

CVSS 7.5, AI score 8, EPSS 0.94318
Exploits: 18
Packet Storm
added 2019/03/21 12:0 a.m., 76 views

Rails 5.2.1 Arbitrary File Content Disclosure

''' Exploit Title: File Content Disclosure on Rails Date: CVE disclosed 3/16 today's date is 3/20 Exploit Author: NotoriousRebel Vendor Homepage: https://rubyonrails.org/ Software Link: https://github.com/rails/rails Version: Versions Affected: all Fixed Versions: 6.0.0.beta3, 5.2.2.1, 5.1.6.2,...

EPSS 0.94318
Exploits: 18