U.S. Dept Of Defense: Exposed wp-config.php file in ███ National Guard website
A WordPress configuration file containing sensitive information, such as the MySQL database password, was found exposed on a website of the National Guard. The file was accessible at a public endpoint...
CVE-2025-0818
Several WordPress plugins using elFinder versions 2.1.64 and prior are vulnerable to Directory Traversal in various versions. This makes it possible for unauthenticated attackers to delete arbitrary files. Successful exploitation of this vulnerability requires a site owner to explicitly make an...
CVE-2025-0818 Multiple elFinder Plugins <= (Various Versions) - Directory Traversal to Arbitrary File Deletion
Several WordPress plugins using elFinder versions 2.1.64 and prior are vulnerable to Directory Traversal in various versions. This makes it possible for unauthenticated attackers to delete arbitrary files. Successful exploitation of this vulnerability requires a site owner to explicitly make an...
CVE-2025-3831 Exposed SFTP server
Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties...
Samba security vulnerability
Samba is an open source suite of standard Windows interoperability programs for Linux and Unix. A security vulnerability exists in Samba that stems from the smbd service not updating group membership, which could lead to exposed file shares...
AWS VDP: Information Disclosure Due To exposed .env file (Directory Listing) at ████████
Vulnerability description not provided...
CVE-2024-7460
A vulnerability was found in OSWAPP Warehouse Inventory System 1.0/2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /changepassword.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The...
PT-2021-4574 · Django +4
Name of the Vulnerable Software and Affected Versions: Django versions 2.2.23 and earlier, 3.x versions prior to 3.1.12, 3.2.x versions prior to 3.2.4 Description: The issue is related to a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView...
webcgi98.txt
The following e-mail was sent to Acadsoft support about a week ago and I have yet received a response so I thought it was time to make it public. As I mentioned in the email I felt it was important because various universities use this as a registration utility. Hi, I was playing around with your...