38399 matches found
EUVD-2025-210318
An issue in the stcompare component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2026-55447
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, by controlling a files that are digested into the RAG, an attacker can direct the node to read any file on the file-system by absolute path. All components based on BaseFileComponent are vulnerable to t...
CVE-2025-61023
An issue in the stcompare component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2026-55447
Langflow’s BaseFileComponent family (including Read File, DoclingInlineComponent, DoclingServe, DoclingRemoteComponent, NvidiaIngestComponent, VideoFileComponent, UnstructuredComponent) is affected by CVE-2026-55447. The underlying issue is in base_file.py: _unpack_bundle TAR extraction does not ...
CVE-2026-56815
The CVE-2026-56815 entry concerns the pwnlift project, specifically a symlink following vulnerability in the upload handler located at Components/Pages/Home.razor, exploitable in a privileged deployment. Root cause is described as a symlink following issue within the upload handler. The CVSS 3.1 ...
TileServer API - Cross Site Scripting
tileserver-gl up to v4.4.10 was discovered to contain a cross-site scripting XSS vulnerability via the component /data/v3/?key. id: CVE-2024-35627 info: name: TileServer API - Cross Site Scripting author: DhiyaneshDK severity: medium description: | tileserver-gl up to v4.4.10 was discovered to...
Chuanhu Chat - Directory Traversal
The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its use of an outdated gradio component. The application is designed to restrict user access to resources within the webassets folder. However, the outdated version of gradio it employs is susceptible to pa...
Joomla! Component Jfeedback 1.2 - Local File Inclusion
A directory traversal vulnerability in the Ternaria Informatica Jfeedback! comjfeedback component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1478 info: name:...
Joomla! Component Jimtawl 1.0.2 - Local File Inclusion
A directory traversal vulnerability in the Jimtawl comjimtawl component 1.0.2 Joomla! allows remote attackers to read arbitrary files and possibly unspecified other impacts via a .. dot dot in the task parameter to index.php. id: CVE-2010-4769 info: name: Joomla! Component Jimtawl 1.0.2 - Local...
Joomla! Component Advertising 0.25 - Local File Inclusion
A directory traversal vulnerability in the Advertising comadvertising component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1473 info: name: Joomla! Component...
Joomla! Component Arcade Games 1.0 - Local File Inclusion
A directory traversal vulnerability in the Arcade Games comarcadegames component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1714 info: name: Joomla! Component Arcade Games 1.0 - Local File Inclusion autho...
Joomla! Component Photo Battle 1.0.1 - Local File Inclusion
A directory traversal vulnerability in the Photo Battle comphotobattle component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via the view parameter to index.php. id: CVE-2010-1461 info: name: Joomla! Component Photo Battle 1.0.1 - Local File Inclusion author: daffainfo...
Joomla! Component FDione Form Wizard 1.0.2 - Local File Inclusion
A directory traversal vulnerability in the Dione Form Wizard aka FDione or comdioneformwizard component 1.0.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. id: CVE-2010-2045 info: name: Joomla! Component...
Joomla! Component Jstore - 'Controller' Local File Inclusion
A directory traversal vulnerability in Jstore comjstore component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-5286 info: name: Joomla! Component Jstore - 'Controller...
Joomla! Component Love Factory 1.3.4 - Local File Inclusion
A directory traversal vulnerability in the Love Factory comlovefactory component 1.3.4 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1957 info: name: Joomla! Component Love Factory 1.3.4 - Local File Inclusion...
Joomla! Component JInventory 1.23.02 - Local File Inclusion
A directory traversal vulnerability in jinventory.php in the JInventory comjinventory component 1.23.02 and possibly other versions before 1.26.03, a module for Joomla!, allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1305...
Joomla! Component PowerMail Pro 1.5.3 - Local File Inclusion
A directory traversal vulnerability in the givesight PowerMail Pro compowermail component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1532 info: name: Joomla!...
Joomla! Component Online Market 2.x - Local File Inclusion
A directory traversal vulnerability in the Online Market commarket component 2.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1722 info: name: Joomla! Component Onlin...
Joomla! Component com_bfsurvey - Local File Inclusion
A directory traversal vulnerability in the BF Survey combfsurvey component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-2259 info: name: Joomla! Component combfsurvey - Local File Inclusion...
CVE-2025-61029
An issue in the sqlountry component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...