11 matches found
CVE-2026-37266
An issue in Responsive File Manager Responsive FileManager Version 9.14.0 allows a remote attacker to execute arbitrary code via the forcedownload.php component...
Responsive FileManager 安全漏洞
Responsive FileManager is a free, open-source file manager developed by Alberto Peripolli. Version 9.14.0 of Responsive FileManager contains a security vulnerability. This vulnerability stems from issues with the forcedownload.php component, which could allow remote attackers to execute arbitrary...
EUVD-2025-209846
Improper privilege management in the KVM key download component could allow an attacker to swap tokens and download sensitive keys, potentially resulting in unauthorized access to privileged resources and loss of confidentiality...
CVE-2024-57767
MSFM before v2025.01.01 was discovered to contain a Server-Side Request Forgery SSRF via the component /file/download...
CVE-2024-57767
MSFM before v2025.01.01 was discovered to contain a Server-Side Request Forgery SSRF via the component /file/download...
The vulnerability of the Download component in Google Chrome and Microsoft Edge browsers allows attackers to circumvent existing security restrictions.
The vulnerability of the Download component in Google Chrome and Microsoft Edge is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions through a specially created HTML page...
CVE-2022-34458
Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 contain a Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in download operation component. A local malicious user could potentially exploit this vulnerability leading to the...
The vulnerability of the Download component of the software for working with web applications, Oracle Web Applications Desktop Integrator from the enterprise automation system Oracle E-Business Suite, allows a perpetrator to gain unauthorized access to protected data or to modify, add, or delete protected data.
The vulnerability of the Download component of the software for working with web applications, Oracle Web Applications Desktop Integrator of the enterprise automation system Oracle E-Business Suite, is related to insufficient validation of entered data. Exploiting this vulnerability can allow an...
CVE-2023-21847
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Download. Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Web...
TOTOLINK A810R 操作系统命令注入漏洞
The TOTOLINK A810R is a wireless dual-band router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in the TOTOLINK A810R version V5.9c.4050B20190424, which stems from a command injection vulnerability via the included component downloadFile.cgi...
Unspecified Vulnerability in Apple Safari Download Component
Apple Safari is a web browser from Apple, Inc. and is the default browser that comes with the Mac OS X and iOS operating systems. A security vulnerability exists in the Safari Downloads component of Apple Safari versions prior to 13.1.2. An attacker can exploit the vulnerability to change the...