CVE-2026-2460

A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of directories by using the DAC protocol that the user is not authorized to do so...

EUVD-2026-8465

A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of directories by using the DAC protocol that the user is not authorized to do so...

CVE-2026-2460

A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of directories by using the DAC protocol that the user is not authorized to do so...

PT-2026-21688

Name of the Vulnerable Software and Affected Versions REB500 affected versions not specified Description An authenticated user with low-level privileges can access and modify the content of directories using the DAC protocol, despite lacking the necessary authorization. Recommendations At the...

EUVD-2018-13477

Malware in sbrugna...

EUVD-2019-11534

Malware in sbrugna...

CVE-2019-25097

A vulnerability was found in soerennb eXtplorer up to 2.1.12 and classified as critical. Affected by this issue is some unknown functionality of the component Directory Content Handler. The manipulation leads to path traversal. Upgrading to version 2.1.13 is able to address this issue. The name o...

CVE-2019-25097

A vulnerability was found in soerennb eXtplorer up to 2.1.12 and classified as critical. Affected by this issue is some unknown functionality of the component Directory Content Handler. The manipulation leads to path traversal. Upgrading to version 2.1.13 is able to address this issue. The name o...

UBUNTU-CVE-2019-25097

A vulnerability was found in soerennb eXtplorer up to 2.1.12 and classified as critical. Affected by this issue is some unknown functionality of the component Directory Content Handler. The manipulation leads to path traversal. Upgrading to version 2.1.13 is able to address this issue. The name o...

CVE-2019-25097 soerennb eXtplorer Directory Content path traversal

A vulnerability was found in soerennb eXtplorer up to 2.1.12 and classified as critical. Affected by this issue is some unknown functionality of the component Directory Content Handler. The manipulation leads to path traversal. Upgrading to version 2.1.13 is able to address this issue. The name o...

CVE-2019-25097

CVE-2019-25097 affects soerennb eXtplorer up to version 2.1.12. The vulnerability is a path traversal flaw in the Directory Content Handler component, enabling traversal due to unknown internal functionality. A fix is available in version 2.1.13, with patch identifier b8fcb888f4ff5e171c16797a4b07...

eXtplorer 路径遍历漏洞

eXtplorer is a PHP-based file manager. A path traversal vulnerability exists in eXtplorer versions prior to 2.1.13, which stems from an issue with some unknown functionality of the component Directory Content Handler that can lead to path traversal...

PT-2023-11355 · Soerennb · Extplorer

Name of the Vulnerable Software and Affected Versions: soerennb eXtplorer versions up to 2.1.12 Description: A critical issue was found in the Directory Content Handler component, leading to path traversal due to manipulation of some unknown functionality. Upgrading to version 2.1.13 addresses th...

Github PNPM 代码问题漏洞

Github PNPM is fast, disk space saving package manager. A security vulnerability exists in PNPM v6.15.1 that stems from when a user executes a PNPM command in a directory that contains malicious content, which can cause an application to run in an unexpected manner...

ECOA BAS controller path traversal vulnerability

Ecoa Bas controller is a building automation controller from Ecoa Technologies Corp. in China. A path traversal vulnerability exists in Ecoa Bas controller, which can be exploited by attackers to compromise the device directory content by using the GET parameter in the file manager...

CVE-2021-41291

ECOA BAS controller suffers from a path traversal content disclosure vulnerability. Using the GET parameter in File Manager, unauthenticated attackers can remotely disclose directory content on the affected device...

CVE-2021-41291 ECOA BAS controller - Path Traversal-1

ECOA BAS controller suffers from a path traversal content disclosure vulnerability. Using the GET parameter in File Manager, unauthenticated attackers can remotely disclose directory content on the affected device...

Code injection

cPanel before 68.0.27 allows a user to discover contents of directories that are not owned by that user by leveraging backups SEC-339...

ManageEngine File Download / Content Disclosure / SQL Injection

Hi, This is part 12 of the ManageOwnage series. For previous parts, see 1. This time we have an arbitrary file download, directory content disclosure and blind SQL injection vulnerabilities in ManageEngine OpManager, Applications Manager and IT360. I've pushed two new Metasploit modules into the...

oracleasp-bypass.txt

Affected Software/Device: Oracle Application Server Portal Vulnerability: Authentication Bypass Tested Version: 10G Risk: Medium Description: Oracle Application Server Portal OracleAS Portal is a Web-based application for building and deploying portals. It provides a secure, manageable environmen...