
68 matches found

RedhatCVE
added 2026/03/26 3:15 p.m. | 0 views

CVE-2026-4284

A vulnerability was determined in taoofagi easegen-admin up to 8f87936ac774065b92fb20aab55b274a6ea76433. This issue affects the function downloadFile of the file - yudao-module-digitalcourse/yudao-module-digitalcourse-biz/src/main/java/cn/iocoder/yudao/module/digitalcourse/util/PPTUtil.java of th...

CVSS 5.8 | AI score 5.4 | EPSS 0.00049
Exploits: 0 | References: 1
NVD
added 2026/03/16 11:16 p.m. | 1 view

CVE-2026-4284

A vulnerability was determined in taoofagi easegen-admin up to 8f87936ac774065b92fb20aab55b274a6ea76433. This issue affects the function downloadFile of the file - yudao-module-digitalcourse/yudao-module-digitalcourse-biz/src/main/java/cn/iocoder/yudao/module/digitalcourse/util/PPTUtil.java of th...

CVSS 5.8 | EPSS 0.00049
Exploits: 0 | References: 4
Cvelist
added 2026/03/16 11:2 p.m. | 20 views

CVE-2026-4284 taoofagi easegen-admin PPT File PPTUtil.java downloadFile server-side request forgery

A vulnerability was determined in taoofagi easegen-admin up to 8f87936ac774065b92fb20aab55b274a6ea76433. This issue affects the function downloadFile of the file - yudao-module-digitalcourse/yudao-module-digitalcourse-biz/src/main/java/cn/iocoder/yudao/module/digitalcourse/util/PPTUtil.java of th...

CVSS 5.8 | EPSS 0.00049
Exploits: 0 | References: 4
Positive Technologies
added 2026/03/16 12:0 a.m. | 1 view

PT-2026-25829

A vulnerability was determined in taoofagi easegen-admin up to 8f87936ac774065b92fb20aab55b274a6ea76433. This issue affects the function downloadFile of the file - yudao-module-digitalcourse/yudao-module-digitalcourse-biz/src/main/java/cn/iocoder/yudao/module/digitalcourse/util/PPTUtil.java of th...

CVSS 5.8 | AI score 5.5 | EPSS 0.00049
Exploits: 0 | References: 5
Snyk
added 2026/03/02 10:4 p.m. | 3 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the downloadFile function via the update-cache command. An attacker can cause disk exhaustion by supplying a malicious URI in the configuration, leading to unbounded downloads and...

CVSS 6.9 | AI score 5.8 | EPSS 0.00049
Exploits: 0 | References: 2
Snyk
added 2026/03/02 10:4 p.m. | 0 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the downloadFile function via the update-cache command. An attacker can cause disk exhaustion by supplying a malicious URI in the configuration, leading to unbounded downloads and...

CVSS 6.9 | AI score 5.8 | EPSS 0.00049
Exploits: 0 | References: 2
EUVD
added 2025/12/30 11:2 a.m. | 3 views

EUVD-2025-205771

A vulnerability was found in D-Link DCS-850L 1.02.09. Affected is the function uploadfirmware of the component Firmware Update Service. The manipulation of the argument DownloadFile results in path traversal. The attack must originate from the local network. The exploit has been made public and...

CVSS 5.1 | AI score 6 | EPSS 0.00079
Exploits: 1 | References: 7
CNNVD
added 2025/12/30 12:0 a.m. | 1 view

D-Link DCS-850L Path Traversal Vulnerability

The D-Link DCS-850L is a wireless network camera from China's AUO D-Link. A path traversal vulnerability exists in the D-Link DCS-850L version 1.02.09, which stems from incorrect manipulation of the parameter DownloadFile in the component Firmware Update Service, which could lead to path traversa...

CVSS 5.1 | AI score 4.8 | EPSS 0.00079
Exploits: 1 | References: 5
RedhatCVE
added 2025/12/12 2:7 p.m. | 3 views

CVE-2025-14516

A vulnerability was found in Yalantis uCrop 2.2.11. Affected by this issue is the function downloadFile of the file com.yalantis.ucrop.task.BitmapLoadTask.java of the component URL Handler. Performing manipulation results in server-side request forgery. The attack may be initiated remotely. The...

CVSS 6.5 | AI score 6.5 | EPSS 0.00065
Exploits: 1 | References: 1
Snyk
added 2025/12/11 2:42 p.m. | 2 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the downloadFile function in the URL handler component. An attacker can access internal resources or services by supplying crafted URLs. Remediation There is no fixed version for com.yalantis:ucrop...

CVSS 8.8 | AI score 6.9 | EPSS 0.00065
Exploits: 1 | References: 2
OSV
added 2025/12/11 2:16 p.m. | 0 views

CVE-2025-14516

A vulnerability was found in Yalantis uCrop 2.2.11. Affected by this issue is the function downloadFile of the file com.yalantis.ucrop.task.BitmapLoadTask.java of the component URL Handler. Performing manipulation results in server-side request forgery. The attack may be initiated remotely. The...

CVSS 8.8 | AI score 5.4
Exploits: 0 | References: 5
EUVD
added 2025/12/11 2:2 p.m. | 2 views

EUVD-2025-202689

A vulnerability was found in Yalantis uCrop 2.2.11. Affected by this issue is the function downloadFile of the file com.yalantis.ucrop.task.BitmapLoadTask.java of the component URL Handler. Performing manipulation results in server-side request forgery. The attack may be initiated remotely. The...

CVSS 6.5 | AI score 6.2 | EPSS 0.00065
Exploits: 1 | References: 6
CNNVD
added 2025/12/11 12:0 a.m. | 2 views

uCrop Code Issue Vulnerability

uCrop is an Android image cropping library open-sourced by Yalantis. A code issue vulnerability exists in uCrop version 2.2.11, which stems from a flaw in the function downloadFile in the file com.yalantis.ucrop.task.BitmapLoadTask.java of the component URL Handler, which could lead to server-sid...

CVSS 8.8 | AI score 6.5 | EPSS 0.00065
Exploits: 1 | References: 5
Rapid7 Blog
added 2025/12/05 8:58 p.m. | 22 views

Metasploit Wrap-Up 12/05/2025

Twonky Auth Bypass, RCEs and RISC-V Reverse Shell Payloads This was another fantastic week in terms of PR contribution to the Metasploit Framework. Rapid7’s very own Ryan Emmons recently disclosed CVE-2025-13315 and CVE-2025-13316 which exist in Twonky Server and allow decrypting admin credential...

CVSS 9.8 | AI score 9 | EPSS 0.85391
Exploits: 8
RedhatCVE
added 2025/12/03 2:2 p.m. | 1 view

CVE-2025-11789

Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'DownloadFile' function converts a parameter to an integer using 'atoi' and then uses it as an index in the 'FilesDownload' array with 'iVar2'. If the parameter is too large, it will access memory beyond the limits...

CVSS 7.5 | AI score 6.8 | EPSS 0.00041
Exploits: 0 | References: 1
Vulnrichment
added 2025/12/02 1:4 p.m. | 2 views

CVE-2025-11789 Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50

Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'DownloadFile' function converts a parameter to an integer using 'atoi' and then uses it as an index in the 'FilesDownload' array with '&FilesDownloadiVar2'. If the parameter is too large, it will access memory beyond...

CVSS 7.1 | AI score 6.4 | EPSS 0.00041
Exploits: 0 | References: 1
Metasploit
added 2025/11/27 6:57 p.m. | 426 views

Monsta FTP downloadFile Remote Code Execution

This module exploits a pre-authenticated remote code execution vulnerability in Monsta FTP versions use exploit/multi/http/monstaftpdownloadfilerce msf exploitmonstaftpdownloadfilerce show targets ...targets... msf exploitmonstaftpdownloadfilerce set TARGET msf exploitmonstaftpdownloadfilerce sho...

CVSS 9.8 | AI score 7.8 | EPSS 0.7411
Exploits: 6
Packet Storm
added 2025/11/27 12:0 a.m. | 140 views

Monsta FTP DownloadFile Remote Code Execution

This Metasploit module exploits a pre-authenticated remote code execution vulnerability in Monsta FTP versions prior to 2.11.3. The vulnerability exists in the downloadFile action which allows an attacker to connect to a malicious FTP or SFTP server and download arbitrary files to arbitrary...

CVSS 9.8 | AI score 8.1 | EPSS 0.7411
Exploits: 6
GithubExploit
added 2025/11/19 12:39 a.m. | 156 views

Exploit for CVE-2025-34299

Monsta FTP CVE-2025-34299 Exploit Python exploit for the RCE...

CVSS 9.3 | AI score 8.2 | EPSS 0.7411
Exploits: 6
NVD
added 2025/08/28 4:16 a.m. | 1 view

CVE-2025-9345

The File Manager, Code Editor, and Backup by Managefy plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.8 via the ajaxdownloadfile function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform actions ...

CVSS 4.9 | EPSS 0.00135
Exploits: 0 | References: 2