Lucene search
K

23 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.24 views

EUVD-2006-6714

Malware in sbrugna...

9.3CVSS6AI score0.03632EPSS
Exploits0References38
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-10293

Malware in sbrugna...

7.8CVSS7.5AI score0.01279EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2003-0989

Malware in sbrugna...

7.2CVSS6.4AI score0.00394EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-3455

Malware in sbrugna...

6.5CVSS7.3AI score0.03439EPSS
Exploits1References19
Veracode
Veracode
added 2025/07/18 7:17 a.m.4 views

Path Traversal

Measured is vulnerable to Path Traversal. The vulnerability is due to insufficient input validation when initializing the class, which allows an attacker to manipulate inputs and instruct the library to read arbitrary files...

7AI score
Exploits0
Veracode
Veracode
added 2025/07/03 4:29 a.m.11 views

Path Traversal

@modelcontextprotocol/server-filesystem is vulnerable to path traversal. The vulnerability is due to improper validation of directory prefixes, which allows an attacker to access unintended files by crafting paths that match allowed directory prefixes...

7.3CVSS6.1AI score0.00502EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2025/06/17 12:0 a.m.2 views

Path Traversal Vulnerability in Various ABB Products

ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...

7.5CVSS7.1AI score0.00354EPSS
Exploits0References1
Veracode
Veracode
added 2025/06/10 4:53 a.m.5 views

Deserialization Of Untrusted Data

org.apache.inlong, inlong-manager is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to Improper handling of input parameter, which allows an authenticated attacker to read arbitrary files on the server by exploiting the deserialization flaw through crafted input...

9.8CVSS9.3AI score0.00576EPSS
Exploits0References7Affected Software1
Ubuntu
Ubuntu
added 2025/01/13 11:51 a.m.15 views

USN-7200-1: Roundcube vulnerability

It was discovered that Roundcube incorrectly handled certain file-based attachment plugins. An attacker could exploit this to gain unauthorized access to arbitrary files on the host’s file system...

7.8CVSS7.8AI score0.42831EPSS
Exploits5
Vulnrichment
Vulnrichment
added 2024/12/27 3:56 p.m.12 views

CVE-2024-56509 changedetection.io has Improper Input Validation Leading to LFR/Path Traversal

changedetection.io is a free open source web page change detection, website watcher, restock monitor and notification service. Improper input validation in the application can allow attackers to perform local file read LFR or path traversal attacks. These vulnerabilities occur when user input is...

8.6CVSS6.8AI score0.00691EPSS
Exploits0References2
CNVD
CNVD
added 2024/11/11 12:0 a.m.5 views

Cisco Identity Services Engine Path Traversal Vulnerability (CNVD-2025-06671)

Cisco Identity Services Engine is an environment-aware platform from Cisco, USA. A path traversal vulnerability exists in Cisco Identity Services Engine that can be exploited by an attacker to read or delete arbitrary files...

5.5CVSS6.7AI score0.00526EPSS
Exploits0References1
CNVD
CNVD
added 2023/11/17 12:0 a.m.4 views

Fortinet FortiWAN Path Traversal Vulnerability

Fortinet FortiWAN is a network appliance from Fortinet, Inc. It is used to perform load balancing and fault tolerance between different networks. A path traversal vulnerability exists in Fortinet FortiWAN, which stems from improperly restricting pathnames to restricted directories, and can be...

8.8CVSS6.7AI score0.00844EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/09/27 12:0 a.m.5 views

PT-2023-29117 · Lg · Com.Lge.Bluetoothsetting

Name of the Vulnerable Software and Affected Versions: com.lge.bluetoothsetting affected versions not specified Description: The issue is related to the use of implicit PendingIntents with the PendingIntent.FLAG MUTABLE set, which can lead to the theft and/or over-write of arbitrary files with...

7.8CVSS7.4AI score0.00125EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/09/06 5:18 p.m.6 views

CVE-2022-2434 String Locator <= 2.5.0 - Cross-Site Request Forgery to PHAR Deserialization

The String Locator plugin for WordPress is vulnerable to deserialization of untrusted input via the 'string-locator-path' parameter in versions up to, and including 2.5.0. This makes it possible for unauthenticated users to call files using a PHAR wrapper, granted they can trick a site...

8.8CVSS7.3AI score0.01207EPSS
Exploits0References4
CNVD
CNVD
added 2021/01/23 12:0 a.m.4 views

Directory Traversal Vulnerability in Thunderwind Movie CMS

Thunderwind Movie CMS is a PHP development, based on THINKPHP framework development suitable for all kinds of video, film and television websites, film and television content management system. Thunderwind CMS has a directory traversal vulnerability that can be exploited by an attacker to read an...

7.1AI score
Exploits0
CVE
CVE
added 2018/12/30 9:0 p.m.36 views

CVE-2018-20604

CVE-2018-20604 affects Lei Feng TV CMS (LFCMS) 3.8.6. A Directory Traversal is possible by crafting URIs using ..* in Template/edit/path, e.g., admin.php?s=/Template/edit/path/web .... ..*..*1.txt.html, enabling reading of arbitrary files (demonstrated with 1.txt). The connected records confirm t...

4.9CVSS5AI score0.01369EPSS
Exploits1References1Affected Software1
Exploit DB
Exploit DB
added 2004/01/26 12:0 a.m.35 views

herberlin bremsserver 1.2.4/3.0 - Directory Traversal

source: https://www.securityfocus.com/bid/9493/info Herberlin BremsServer is prone to a directory-traversal vulnerability. An attacker may exploit this issue to gain access to files residing outside the web server root directory of the affected system. This issue exists due to a failure to valida...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/06/18 12:0 a.m.26 views

MiniHTTPServer Web Forums Server 1.x2.0 - Directory Traversal

MiniHTTPServer Web Forums Server 1.x2.0 - Directory Traversal source: https://www.securityfocus.com/bid/7955/info It has been reported that WebForums Server does not properly handle some types of requests. Because of this, attackers may be able to gain access to files on the host server with the...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2002/09/20 12:0 a.m.17 views

Microsoft Word 95979820002002 - INCLUDEPICTURE Document Sharing File Disclosure

Microsoft Word 95979820002002 - INCLUDEPICTURE Document Sharing File Disclosure source: https://www.securityfocus.com/bid/5764/info The INCLUDEPICTURE Field Code may be used to insert arbitrary URLs into a document. The INCLUDEPICTURE Field Code is reported to, under some circumstances, present a...

7.4AI score
Exploits0
NVD
NVD
added 2000/12/19 5:0 a.m.8 views

CVE-2000-0911

IMP 2.2 and earlier allows attackers to read and delete arbitrary files by modifying the attachmentname hidden form variable, which causes IMP to send the file to the attacker as an attachment...

5CVSS6.6AI score0.01855EPSS
Exploits0References3
Rows per page
Query Builder