Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the CreateNewDAG API endpoint when the DAG name is not properly validated before being passed to the file store. An attacker can write arbitrary YAML files outside the intended directory, potentially overwriting...

EUVD-2025-34935

yt-grabber-tui is a C++ terminal user interface application for downloading YouTube content. yt-grabber-tui version 1.0 contains a Time-of-Check to Time-of-Use TOCTOU race condition CWE-367 in the creation of the default configuration file config.json. In version 1.0, loadjsonsettings in...

Delta Electronics DIALink Directory Traversal Authentication Bypass Vulnerability

This vulnerability allows remote attackers to overwrite configuration files on affected installations of Delta Electronics DIALink. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 7631 by default. The issue...

PT-2024-7542 · Unknown · Workstation

Name of the Vulnerable Software and Affected Versions: WorkstationST affected versions not specified Description: The issue is related to a lack of authentication for a critical function in the OPC server. This could allow a remote attacker to read or overwrite files on the configuration server...

Super Store Finder Injection Vulnerability

Super Store Finder is an easy-to-use Google Maps API store finder program Super Store Finder by Super Store Finder. An injection vulnerability exists in Super Store Finder 3.7 and earlier versions, which stems from an arbitrary PHP code injection vulnerability. An attacker can exploit this...