CVE-2026-20189

A vulnerability in the log file download functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to download arbitrary log files from the server. This vulnerability is due to insufficient authorization checks on the download service API. An attacker could exploit...

CVE-2026-4233

CVE-2026-4233 pertains to ThingsGateway 12, with a vulnerability in the /api/file/download endpoint. The issue arises from manipulating the fileName parameter, enabling path traversal and remote exploitation. Public exploit appears to be available, and multiple feeds (NVD/Red Hat/ENISA/EUVD/CVE r...

CVE-2026-4233

A vulnerability was identified in ThingsGateway 12. This affects an unknown part of the file /api/file/download. The manipulation of the argument fileName leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The vendor was...

CVE-2026-4222

A vulnerability was determined in SSCMS up to 7.4.0. This vulnerability affects the function PathUtils.RemoveParentPath of the file /api/admin/plugins/install/actions/download. This manipulation of the argument path causes path traversal. Remote exploitation of the attack is possible. The exploit...

CVE-2025-46363

Dell Secure Connect Gateway SCG 5.0 Application and Appliance versions 5.26.00.00 - 5.30.00.00, contain a Relative Path Traversal vulnerability in the SCG exposed for an internal collection download REST API if this REST API is enabled by Admin user from UI. A low privileged attacker with remote...

CVE-2025-49089

wangxutech MoneyPrinterTurbo 1.2.6 allows path traversal via /api/v1/download/ URIs such as /api/v1/download//etc/passwd...

CVE-2022-36671

Novel-Plus v3.6.2 was discovered to contain an arbitrary file download vulnerability via the background file download API...

CVE-2021-38146

The File Download API in Wipro Holmes Orchestrator 20.4.1 20.4.102112020 allows remote attackers to read arbitrary files via absolute path traversal in the SearchString JSON field in /home/download POST data...

PT-2024-40013 · Saltcorn · Saltcorn

Name of the Vulnerable Software and Affected Versions: Saltcorn versions 1.0.0 through 1.0.0-beta.13 Description: A user with admin permission can read and download arbitrary zip files when downloading auto backups. The file name used to identify the zip file is not properly sanitized when passed...

PT-2024-25526 · Virtosoftware · Virto Bulk File Download

Name of the Vulnerable Software and Affected Versions: VirtoSoftware Virto Bulk File Download version 5.5.44 for SharePoint 2019 Description: An issue was discovered that allows arbitrary file download and deletion via absolute path traversal in the path parameter of the isCompleted method in the...

PT-2024-25528 · Virtosoftware · Virto Bulk File Download

Name of the Vulnerable Software and Affected Versions: VirtoSoftware Virto Bulk File Download version 5.5.44 for SharePoint 2019 Description: An issue was discovered that allows an NTLMv2 hash leak via a UNC share pathname in the path parameter of the isCompleted method in the...

PT-2024-15650 · Git +2 · Anything-Llm +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A user who is already privileged as manager or admin can exploit this issue by setting their profile picture via the frontend API using a relative...

CVE-2023-36654

Directory traversal in the log-download REST API endpoint in ProLion CryptoSpike 3.0.15P2 allows remote authenticated attackers to download host server SSH private keys associated with a Linux root user by injecting paths inside REST API endpoint parameters...

CVE-2022-36671

Novel-Plus v3.6.2 was discovered to contain an arbitrary file download vulnerability via the background file download API...

CVE-2022-36671

Novel-Plus v3.6.2 was discovered to contain an arbitrary file download vulnerability via the background file download API...

Arbitrary file deletion

Novel-Plus v3.6.2 was discovered to contain an arbitrary file download vulnerability via the background file download API...

novel-plus 安全漏洞

novel-plus novel-plus is a multi-end PC, WAP reading, full-featured original literature CMS system. A security vulnerability exists in novel-plus v3.6.2, which can be exploited to download arbitrary files via the background file download API...

CVE-2021-38146

The File Download API in Wipro Holmes Orchestrator 20.4.1 20.4.102112020 allows remote attackers to read arbitrary files via absolute path traversal in the SearchString JSON field in /home/download POST data...

CVE-2021-38146

The File Download API in Wipro Holmes Orchestrator 20.4.1 20.4.102112020 allows remote attackers to read arbitrary files via absolute path traversal in the SearchString JSON field in /home/download POST data...

CVE-2021-38146

The File Download API in Wipro Holmes Orchestrator 20.4.1 20.4.102112020 allows remote attackers to read arbitrary files via absolute path traversal in the SearchString JSON field in /home/download POST data...