CVE-2026-10248

A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System up to 1.0. This issue affects the function createsupplier of the file /Exportcsv/export of the component Supplier Creation Interface. This manipulation of the argument Address/Company Name causes csv injection...

CVE-2019-25342

Centova Cast 3.2.12 contains a denial of service vulnerability that allows attackers to overwhelm the system by repeatedly calling the database export API endpoint. Attackers can trigger 100% CPU load by sending multiple concurrent requests to the /api.php endpoint with crafted parameters...

CVE-2025-67442

EVE-NG 6.4.0-13-PRO is vulnerable to Directory Traversal. The /api/export interface allows authenticated users to export lab files. This interface lacks effective input validation and filtering when processing file path parameters submitted by users...

PT-2025-52459

Name of the Vulnerable Software and Affected Versions EVE-NG version 6.4.0-13-PRO Description The software contains a directory traversal issue in the /api/export interface. This interface, used by authenticated users to export lab files, does not properly validate or filter user-supplied file pa...

EVE-NG 安全漏洞

EVE-NG is a clientless multi-vendor network emulation software from EVE-NG, Inc. A security vulnerability exists in EVE-NG version 6.4.0-13-PRO, which originates from directory traversal in the /api/export interface and could lead to the export of arbitrary files...

CVE-2025-67442

CVE-2025-67442 affects EVE-NG 6.4.0-13-PRO. A directory-traversal vulnerability exists in the /api/export interface, allowing authenticated users to export lab files due to insufficient validation/filtration of file path parameters. Multiple sources (RH, NVD, CNNVD, CVE lists, EUVD) corroborate t...

EUVD-2025-204572

EVE-NG 6.4.0-13-PRO is vulnerable to Directory Traversal. The /api/export interface allows authenticated users to export lab files. This interface lacks effective input validation and filtering when processing file path parameters submitted by users...

lila 安全漏洞

lila is an ad-free and open source chess server from Lichess Open Source. A security vulnerability exists in lila, which stems from the unvalidated direct passing of the players parameter in the game export API, which could lead to server-side request forgery...

UBUNTU-CVE-2025-54290

Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints...

CVE-2023-6189

Missing access permissions checks in the M-Files server before 23.11.13156.0 allow attackers to perform data write and export jobs using the M-Files API methods...

Gradle Enterprise Export API Authentication Vulnerability

Gradle is a set of JVM-based project build tools , it supports maven, Ivy repository and so on. A security vulnerability exists in Gradle Enterprise prior to version 2020.2.4. The vulnerability stemmed from an unrestricted cross-domain request for read-only data in the Export API. An attacker...

Infinix Note 5 Access Control Error Vulnerability

Infinix Note 5 is a smartphone from the Chinese company Transn Infinix. The Infinix Note 5 build fingerprint: Infinix/H633IJL/Infinix-X604sprout:8.1.0/O11019/IJL-180531V181:user/release-keys contains an access control error in the com.mediatek.wfo An access control error vulnerability exists in t...