6 matches found
CVE-2025-26352
A CWE-35 "Path Traversal" in the template deletion mechanism in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to delete sensitive files via crafted HTTP requests...
CVE-2025-26352
creationtimestamp| type| source ---|---|--- 2025-02-12 14:35:52+00:00| seen| https://infosec.exchange/users/cve/statuses/113991414709940708...
CVE-2025-26352
A CWE-35 "Path Traversal" in the template deletion mechanism in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to delete sensitive files via crafted HTTP requests...
CVE-2025-26352
A CWE-35 "Path Traversal" in the template deletion mechanism in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to delete sensitive files via crafted HTTP requests...
CVE-2025-26352
The CVE-2025-26352 entry documents a CWE-35 path traversal in the template deletion mechanism of Q-Free MaxTime (≤ v2.11.0). An authenticated remote attacker can delete sensitive files via crafted HTTP requests, due to the insecure handling in the deletion path. Impact is described as the ability...
CVE-2025-26352
A CWE-35 "Path Traversal" in the template deletion mechanism in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to delete sensitive files via crafted HTTP requests...