
4 matches found

CVE
added 2026/05/28 8:56 p.m. | 33 views

CVE-2026-44885

Portainer Community Edition is affected by a directory traversal in the backup archive extraction path. The vulnerable code path is ExtractTarGz in api/archive/targz.go, which builds output paths via filepath.Clean(filepath.Join(outputDirPath, header.Name)). A tar entry like ../../etc/c...

CVSS 5.5 | AI score 5.9 | EPSS 0.00292
Exploits: 1 | References: 2 | Affected Software: 1
OSV
added 2026/05/14 4:23 p.m. | 2 views

GHSA-M8FG-67J7-CX4V Portainer has a path traversal in backup archive extraction that allows arbitrary file write

Summary: Portainer's backup restore feature accepts a .tar.gz archive and extracts it to a target directory on the server. The extraction function ExtractTarGz in api/archive/targz.go constructed output paths using filepath.Clean(filepath.Join(outputDirPath, header.Name)). This combination does not...

CVSS 5.5 | AI score 5.9 | EPSS 0.00292
Exploits: 1 | References: 6
EUVD
added 2026/03/11 7:5 p.m. | 2 views

EUVD-2026-11309

WeGIA is a web manager for charitable institutions. In 3.6.5, the patched loadBackupDB extracts tar.gz archives to a temporary directory using PHP's PharData class, then uses glob and file_get_contents to read SQL files from the extracted contents. Neither the extraction nor the file reading...

CVSS 6.9 | AI score 5.8 | EPSS 0.00096
Exploits: 1 | References: 2
Packet Storm
added 2010/01/07 12:0 a.m. | 19 views

DirectAdmin 1.33.6 Symlink Bypass

Subject: DirectAdmin ln /etc/shadow to make symbolic link to shadow file in any dir after that go to Create/Restore Backups in direct and make Domains Directory: Backs up the backup file will be in /home/test/backups go there then Extract tar.gz file after extract go to...

AI score 0.1
Exploits: 0