3 matches found
CVE-2024-12313
The Compare Products for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.2.1 via deserialization of untrusted input from the 'woocomparelist' cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No know...
Path Traversal
spring-boot-actuator-logview is vulnerable to Path Traversal. The vulnerability exists in the securityCheck function of LogViewEndpoint.java because it does not properly validate relative paths, allowing an attacker to access files outside the expected directory through the path such as /usr/outn...
Path Traversal
github.com/jfrazelle/pastebinit is vulnerable to path traversal. The vulnerability exists due to the improper path handling in the pasteHandler function of server.go, allowing an attacker to access files outside the restricted directory...