20 matches found
CVE-2026-56768 Seahub < 13.0.23 - Authentication Bypass in ShareLinkZipTaskView GET Method
Seahub before 13.0.23 does not enforce SHARELINKLOGINREQUIRED on GET /api/v2.1/share-link-zip-task/, allowing unauthenticated users to bypass authentication. Attackers with a folder share-link token can call the GET endpoint to obtain a fileserver zip token and download entire shared directory...
GHSA-QF38-JQ28-3CCQ Apache Airflow SFTP provider: Path traversal in SFTPHook.retrieve_directory
A path traversal in the SFTP provider SFTPHook.retrievedirectory / SFTPOperatoroperation=get let a malicious or compromised remote SFTP server write files outside the configured local destination directory via crafted directory-entry names. No Airflow account is required — the attack surface is a...
EUVD-2018-21636
Musicco 2.0.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary directories by manipulating the parent parameter. Attackers can supply directory traversal sequences in the parent parameter of the getAlbum endpoint to access sensitive system...
CVE-2018-25181
Musicco 2.0.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary directories by manipulating the parent parameter in the getAlbum endpoint, resulting in ZIP downloads of sensitive system directories. The issue affects the getAlbum path traversal fu...
CVE-2018-25181 Musicco 2.0.0 Arbitrary Directory Download via Path Traversal
Musicco 2.0.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary directories by manipulating the parent parameter. Attackers can supply directory traversal sequences in the parent parameter of the getAlbum endpoint to access sensitive system...
CVE-2018-25181
Musicco 2.0.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary directories by manipulating the parent parameter. Attackers can supply directory traversal sequences in the parent parameter of the getAlbum endpoint to access sensitive system...
CVE-2021-41281 Path traversal in Matrix Synapse
Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory. No authentication is required for the affected endpoint. T...
OMGF < 4.5.4 - Unauthenticated Path Traversal in REST API
The plugin does not escape or validate the handle parameter of the REST API, which allows unauthenticated users to perform path traversal and overwrite arbitrary CSS file with Google Fonts CSS, or download fonts uploaded on Google Fonts website. Access the URL below as unauthenticated...
CVE-2020-26549
An issue was discovered in Aviatrix Controller before R5.4.1290. The htaccess protection mechanism to prevent requests to directories can be bypassed for file downloading...
Green CMS 2.x Arbitrary File / Directory Download
Exploit Title: Green CMS 2.x - Arbitrary File & Directory Download Dork: N/A Date: 2019-01-25 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.greencms.net/ Software Link: https://codeload.github.com/GreenCMS/GreenCMS/zip/beta Version: 2.x Category: Webapps Tested on: WiN7x64/KaLiLinuXx64...
GreenCMS 2.x - Arbitrary File Download Vulnerability
Exploit for php platform in category web applications Exploit Title: Green CMS 2.x - Arbitrary File & Directory Download Exploit Author: Ihsan Sencan Vendor Homepage: http://www.greencms.net/ Software Link: https://codeload.github.com/GreenCMS/GreenCMS/zip/beta Version: 2.x Category: Webapps Test...
GreenCMS 2.x - Arbitrary File Download
GreenCMS 2.x - Arbitrary File Download Exploit Title: Green CMS 2.x - Arbitrary File & Directory Download Dork: N/A Date: 2019-01-25 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.greencms.net/ Software Link: https://codeload.github.com/GreenCMS/GreenCMS/zip/beta Version: 2.x Category:...
Musicco 2.0.0 - Arbitrary Directory Download Vulnerability
Exploit for php platform in category web applications Exploit Title: Musicco 2.0.0 - Arbitrary Directory Download Exploit Author: Ihsan Sencan Vendor Homepage: https://www.musicco.app/ Software Link: https://codeload.github.com/micser/musicco/zip/master Version: 2.0.0 Category: Webapps Tested on:...
Musicco 2.0.0 - Arbitrary Directory Download
Musicco 2.0.0 - Arbitrary Directory Download Exploit Title: Musicco 2.0.0 - Arbitrary Directory Download Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.musicco.app/ Software Link: https://codeload.github.com/micser/musicco/zip/master Version: 2.0.0 Category:...
Musicco 2.0.0 Arbitrary Directory Download
Exploit Title: Musicco 2.0.0 - Arbitrary Directory Download Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.musicco.app/ Software Link: https://codeload.github.com/micser/musicco/zip/master Version: 2.0.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE:...
Musicco 2.0.0 - Arbitrary Directory Download
Exploit Title: Musicco 2.0.0 - Arbitrary Directory Download Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.musicco.app/ Software Link: https://codeload.github.com/micser/musicco/zip/master Version: 2.0.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE:...
iWant - CLI Based Decentralized Peer To Peer File Sharing
A commandline tool for searching and downloading files in LAN network, without any central server. Features Decentralized : There is no central server hosting files. Therefore, no central point of failure Easydiscovery of files: As easy as searching for something in Google. File download from...
Decentralized Peer to Peer File Sharing: iWant
A command-line tool for searching and downloading files in LAN network, without any central server. Features Decentralized : There is no central server hosting files. Therefore, no central point of failure Easy discovery of files : As easy as searching for something in Google. File download from...
WordPress Download Plugin <= 1.0.1 - Arbitrary Directory Download Vulnerability
Arbitrary Directory Download Vulnerability was found in WordPress Download Plugin in 1.0.1 version. There's no restriction against directory download in the dpwapdownload function. It's a very serious vulnerability because an attacker can download the whole site directory. Update the plugin as so...
Dotclear 2.9.1 Directory Download
Dotclear 2.9.1 Directory Download Vulnerability + Software: https://dotclear.org/ + Author: Wiswat Aswamenakul + Affected version: only tested on 2.9.1 previous version might be affected + Platform: tested on Ubuntu 14.04, PHP 5.5.9 + Description Authenticated users with media manager access...