CVE-2026-10737

The SP Project & Document Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the viewfile function in all versions up to, and including, 4.71. This makes it possible for unauthenticated attackers to read file metadata and obtain download links f...

EUVD-2026-32736

The WP Contact Form 7 DB Handler plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to Arbitrary File Deletion via SQL Injection and PHP Object Injection in versions up to and including 3.0. This is due to a missing nonce verification in the processbulkaction function, the...

CVE-2026-8432

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery CSRF at concrete/controllers/backend/file star. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks Yonatan Dror...

CVE-2026-8754

CVE-2026-8754 affects AstrBotDevs AstrBot up to version 4.23.5. The vulnerability is in the File Upload Handler, specifically the function post_file in astrbot/dashboard/routes/chat.py , where filename manipulation enables a path traversal. Remote exploitation is possible, with the exploit descri...

CVE-2026-8265

A security vulnerability has been detected in Tenda AC6 15.03.06.23. Affected by this issue is the function getlogfile of the file /goform/getLogFile of the component httpd. The manipulation of the argument wans.flag leads to os command injection. The attack can be initiated remotely. The exploit...

Astra Linux - уязвимость в parsec

The vulnerability of the gobblefile function in the lsm utility of the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause service failures...

EUVD-2026-25967

A vulnerability was identified in eghuzefa engineer-your-data up to 0.1.3. This vulnerability affects the function readfile/writefile/listfiles/fileinf of the file src/server.py. The manipulation of the argument WORKSPACEPATH leads to path traversal. The attack may be initiated remotely. The...

PraisonAI Code Issue Vulnerability

PraisonAI is a low-code multi-intelligent body collaboration framework. PraisonAI suffers from a code issue vulnerability that stems from the FileTools.downloadfile function validating the target path but not validating the url parameter, which can be exploited by an attacker to cause the attacke...

VulnCheck KEV: CVE-2025-1338

A vulnerability was found in NUUO Camera up to 20250203. It has been declared as critical. This vulnerability affects the function printfile of the file /handleconfig.php. The manipulation of the argument log leads to command injection. The attack can be initiated remotely. The exploit has been...

PT-2026-29477

A vulnerability was found in Sanster IOPaint 1.5.3. Impacted is the function get file of the file iopaint/file manager/file manager.py of the component File Manager. Performing a manipulation of the argument filename results in path traversal. The attack is possible to be carried out remotely. Th...

PT-2026-29483

A vulnerability was identified in Shandong Hoteam InforCenter PLM up to 8.3.8. The impacted element is the function uploadFileToIIS of the file /Base/BaseHandler.ashx. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit i...

GHSA-HF2R-9GF9-RWCH Convict has prototype pollution via load(), loadFile(), and schema initialization

Impact Two unguarded prototype pollution paths exist, not covered by previous fixes: 1. config.load / config.loadFile — overlay recursively merges config data without checking for forbidden keys. Input containing proto or constructor.prototype e.g. from a JSON file causes the recursion to reach...

Arbitrary Command Injection

Overview cai-framework is a Cybersecurity AI Framework Affected versions of this package are vulnerable to Arbitrary Command Injection via the findfile function, which calls subprocess.Popen with shell=True. An attacker can execute arbitrary commands on the host system by injecting malicious...

CVE-2022-31539

The kotekan/kotekan repository through 2021.11 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2023-4469

The Profile Extra Fields by BestWebSoft plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the prflxtrfldsexportfile function in versions up to, and including, 1.2.7. This makes it possible for unauthenticated attackers to expose potentially...

CVE-2025-13645

The CVE-2025-13645 entry concerns the Modula Image Gallery WordPress plugin. Affected versions 2.13.1–2.13.2 are vulnerable to arbitrary file deletion due to insufficient file path validation in the ajax_unzip_file function. Authenticated attackers with Author-level access or higher can delete ar...

GHSA-HJQC-JX6G-RWP9 Keras Directory Traversal Vulnerability

Summary Keras's keras.utils.getfile function is vulnerable to directory traversal attacks despite implementing filtersafepaths. The vulnerability exists because extractarchive uses Python's tarfile.extractall method without the security-critical filter="data" parameter. A PATHMAX symlink resoluti...

PDF-XChange Editor 安全漏洞

PDF-XChange Editor is a PDF file viewer software from PDF-XChange, Inc. that runs on Microsoft Windows systems. A security vulnerability exists in PDF-XChange Editor version 10.7.3.401, which originates from an out-of-bounds read in the EMF function, which could lead to the disclosure of sensitiv...

CVE-2025-12137

The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 2.14.16. This is due to the plugin's REST API endpoint accepting arbitrary absolute file paths without proper validation in the...

CVE-2025-12270

A vulnerability was determined in LearnHouse up to 98dfad76aad70711a8113f6c1fdabfccf10509ca. The impacted element is an unknown function of the file /api/v1/assignments/assignmentid/tasks/taskid/subfile of the component Student Assignment Submission Handler. This manipulation causes improper...