CVE-2025-59890

Improper input sanitization in the file archives upload functionality of Eaton Galileo software allows traversing paths which could lead into an attacker with local access to execute unauthorized code or commands. This security issue has been fixed in the latest version of Galileo which is...

CVE-2025-59890

Eaton Galileo software is affected by CVE-2025-59890 due to improper input sanitization in the file archives upload function, enabling local path traversal that could allow an attacker with local access to execute unauthorized code or commands. The issue is tied to the Galileo file-archiver handl...

PT-2025-48263

Improper input sanitization in the file archives upload functionality of Eaton Galileo software allows traversing paths which could lead into an attacker with local access to execute unauthorized code or commands. This security issue has been fixed in the latest version of Galileo which is...

CVE-2021-32588

A use of hard-coded credentials CWE-798 vulnerability in FortiPortal versions 5.2.5 and below, 5.3.5 and below, 6.0.4 and below, versions 5.1.x and 5.0.x may allow a remote and unauthenticated attacker to execute unauthorized commands as root by uploading and deploying malicious web application...

PT-2020-6425 · Civicrm · Civicrm

Name of the Vulnerable Software and Affected Versions: CiviCRM versions 5.22.x through 5.24.x before 5.24.3 CiviCRM versions prior to 5.21.3 Description: The issue in CiviCRM is related to the possibility of uploading and executing PHAR archives. Exploitation of this issue may allow a remote...