
17 matches found

RedhatCVE
added 2025/09/08 7:14 p.m. | 3 views

CVE-2025-58438

internetarchive is a Python and Command-Line Interface to Archive.org. In versions 5.5.0 and below, there is a directory traversal (path traversal) vulnerability in the File.download method of the internetarchive library. The file.download method does not properly sanitize user-supplied filenames or...

CVSS 9.4 | AI score 7.8 | EPSS 0.03849
Exploits: 0 | References: 1

Vulnrichment
added 2025/09/06 6:45 p.m. | 2 views

CVE-2025-58438 internetarchive is vulnerable to Directory Traversal through file downloads

internetarchive is a Python and Command-Line Interface to Archive.org. In versions 5.5.0 and below, there is a directory traversal (path traversal) vulnerability in the File.download method of the internetarchive library. The file.download method does not properly sanitize user-supplied filenames or...

CVSS 9.4 | AI score 7.3 | EPSS 0.03849
Exploits: 0 | References: 3

OSV
added 2025/05/19 4:52 p.m. | 1 view

GHSA-5RJG-FVGR-3XXF setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write

Summary A path traversal vulnerability in PackageIndex was fixed in setuptools version 78.1.1 Details def downloadurlself, url, tmpdir: Determine download filename name, fragment = egginfoforurlurl if name: while '..' in name: name = name.replace'..', '.'.replace'\', '' else: name = "downloaded"...

CVSS 8.7 | AI score 6.9 | EPSS 0.0012
Exploits: 4 | References: 8

CNNVD
added 2024/02/08 12:00 a.m. | 1 view

Novel-Plus Code Issue Vulnerability

Novel-Plus is an online social reading and writing platform from Novel-Plus, Inc. A code issue vulnerability exists in Novel-Plus v4.3.0-RC1 and earlier versions, which stems from an arbitrary file download vulnerability in the component com.java2nb.common.controller.FileController: fileDownload...

CVSS 9.8 | AI score 7.2 | EPSS 0.00103
Exploits: 0 | References: 3

The Hacker News
added 2023/11/09 1:26 p.m. | 44 views

New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers

A new malvertising campaign has been found to employ fake sites that masquerade as legitimate Windows news portal to propagate a malicious installer for a popular system profiling tool called CPU-Z. "This incident is a part of a larger malvertising campaign that targets other utilities like...

AI score 7
Exploits: 0

ATTACKERKB
added 2023/09/21 7:15 p.m. | 2 views

CVE-2023-42280

mee-admin 1.5 is vulnerable to Directory Traversal. The download method in the CommonFileController.java file does not verify the incoming data, resulting in arbitrary file reading...

CVSS 7.5 | AI score 5.9 | EPSS 0.0037
Exploits: 1 | References: 2

CNNVD
added 2023/09/21 12:00 a.m. | 3 views

mee-admin Path Traversal Vulnerability

mee-admin is an open source backend management system by the individual developer funnyzpc. mee-admin version 1.5 has a security vulnerability that stems from the download method in the CommonFileController.java file not validating incoming data, resulting in arbitrary file re...

CVSS 7.5 | AI score 6.9 | EPSS 0.0037
Exploits: 1 | References: 2

NVD
added 2015/01/01 11:59 a.m. | 9 views

CVE-2011-5295

Buffer overflow in the Download method in a certain ActiveX control in MDIEEx.dll in Gogago YouTube Video Converter 1.1.6 allows remote attackers to execute arbitrary code via a long argument...

CVSS 9.3 | AI score 7.9 | EPSS 0.13245
Exploits: 1 | References: 1

Prion
added 2015/01/01 11:59 a.m. | 11 views

Buffer overflow

Buffer overflow in the Download method in a certain ActiveX control in MDIEEx.dll in Gogago YouTube Video Converter 1.1.6 allows remote attackers to execute arbitrary code via a long argument...

CVSS 9.3 | AI score 8.5 | EPSS 0.13245
Exploits: 1 | References: 1 | Affected Software: 1

CVE
added 2015/01/01 11:00 a.m. | 37 views

CVE-2011-5295

Affected product: Gogago YouTube Video Converter, version 1.1.6. The issue is a buffer overflow in the MDIEEx.dll ActiveX control’s Download method, allowing remote code execution via a long argument. This vulnerability is reported consistently across multiple sources (NVD, Red Hat, CNVD, CVE lis...

CVSS 9.3 | AI score 8.1 | EPSS 0.13245
Exploits: 1 | References: 1 | Affected Software: 1

Exploit DB
added 2009/07/30 12:00 a.m. | 28 views

Millenium MP3 Studio 1.0 - '.mpf' Local Stack Overflow (2)

Vulnerability : .m3u File Local Stack Overflow Exploit SEH Full Rewrite + Product : Millenium MP3 Studio + Versions affected : v1.0 + Download : http://www.software112.com/products/mp3-millennium+download.html + Method : seh + Tested on : Windows XP SP3 En + Written by : corelanc0d3r...

AI score 7.4
Exploits: 0

VulnCheck KEV
added 2009/05/11 12:00 a.m. | 1 view

VulnCheck KEV: CVE-2009-1612

Stack-based buffer overflow in the MPS.StormPlayer.1 ActiveX control in mps.dll 3.9.4.27 in Baofeng Storm allows remote attackers to execute arbitrary code via a long argument to the OnBeforeVideoDownload method, as exploited in the wild in April and May 2009. NOTE: some of these details are...

CVSS 9.3 | AI score 6.5 | EPSS 0.68936
Exploits: 4 | References: 1

NVD
added 2009/03/26 5:51 a.m. | 12 views

CVE-2009-1064

Argument injection vulnerability in orbitmxt.dll 2.1.0.2 in the Orbit Downloader 2.8.7 and earlier ActiveX control allows remote attackers to overwrite arbitrary files via whitespace and a command-line switch, followed by a full pathname, in the third argument to the download method...

CVSS 5.8 | AI score 7 | EPSS 0.02885
Exploits: 1 | References: 4

Cvelist
added 2009/03/24 7:00 p.m. | 13 views

CVE-2009-1064

Argument injection vulnerability in orbitmxt.dll 2.1.0.2 in the Orbit Downloader 2.8.7 and earlier ActiveX control allows remote attackers to overwrite arbitrary files via whitespace and a command-line switch, followed by a full pathname, in the third argument to the download method...

AI score 7 | EPSS 0.02885
Exploits: 1 | References: 4

Prion
added 2007/02/23 3:28 a.m. | 15 views

Buffer overflow

Buffer overflow in the Update Service Agent ActiveX Control in isusweb.dll for Macrovision FLEXnet Connect (formerly InstallShield Update Service) allows remote attackers to execute arbitrary code via the Download method...

CVSS 9.3 | AI score 8.2 | EPSS 0.07566
Exploits: 0 | References: 7

NVD
added 2007/02/23 3:28 a.m. | 10 views

CVE-2007-0321

Buffer overflow in the Update Service Agent ActiveX Control in isusweb.dll for Macrovision FLEXnet Connect (formerly InstallShield Update Service) allows remote attackers to execute arbitrary code via the Download method...

CVSS 9.3 | AI score 7.8 | EPSS 0.07566
Exploits: 0 | References: 7

myhack58
added 2006/11/19 12:00 a.m. | 16 views

Free online movie crack(latest technologies)-vulnerability warning-the black bar safety net

Actually slightly understand a little web of friends all know to hack movies online is the best way to put pages saved, and then use the page editing software will save the page to open, and then figure out where the url links can be This is obviously a very good way, but also there is no matter...

AI score 6.9
Exploits: 0