23 matches found
EUVD-2021-1367
Malware in sbrugna...
EUVD-2012-2196
Malware in sbrugna...
EUVD-2014-4928
Malware in sbrugna...
EUVD-2025-21741
Malicious code in bioql PyPI...
Exploit for CVE-2025-30208
CVE-2025-30208 Vite Arbitrary File Read vulnerability 🌌 Here'...
CVE-2024-57186
In Erxes 1.6.2, an unauthenticated attacker can read arbitrary files from the system using a Path Traversal vulnerability in the /read-file endpoint handler...
PT-2025-25180 · WordPress · Wp-Downloadmanager
Name of the Vulnerable Software and Affected Versions: WP-DownloadManager plugin for WordPress versions up to, and including, 1.68.10 Description: The issue is due to a lack of restriction on the directory an administrator can select for storing downloads, making it possible for authenticated...
CVE-2019-14409
cPanel before 78.0.2 allows arbitrary file-read operations via Passenger adminbin SEC-466...
CVE-2013-0944
The web-based file-restore interface in EMC Avamar Server before 6.1.0 allows remote authenticated users to read arbitrary files via a crafted URL...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Imagemagick
CVE-2022-44268 Arbitrary File Read PoC - PNG generator This is...
CVE-2025-29930 imFAQ allows local file inclusion in seo.php
imFAQ is an advanced questions and answers management system for ImpressCMS. Prior to 1.0.1, if the $GET'seoOp' parameter is manipulated to include malicious input e.g., seoOp=php://filter/read=convert.base64-encode/resource=/var/www/html/config.php, the application could allow an attacker to rea...
CVE-2025-27103 Dataease Mysql JDBC Connection Parameters Not Being Verified Leads to Arbitrary File Read Vulnerability
DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.6, a bypass for the patch for CVE-2024-55953 allows authenticated users to read and deserialize arbitrary files through the background JDBC connection. The vulnerability has been fixed in v2.10.6. ...
Exploit for Server-Side Request Forgery in Bookstackapp Bookstack
PHP filter chains: file read from error-based oracle. Updated...
NetAlertX File Read Vulnerability
This module exploits improper authentication in logs.php endpoint. An unathenticated attacker can request log file and read any file due path traversal vulnerability. Module Options msf use auxiliary/scanner/http/netalertxfileread msf auxiliarynetalertxfileread show actions ...actions... msf...
CVE-2024-8497
CVE-2024-8497 affects Franklin Fueling Systems TS-550 EVO prior to version 2.26.4.8967. The flaw is an absolute path traversal that allows reading a file containing administrator credentials, enabling an attacker to obtain admin access to the device. The vulnerability is exploitable remotely with...
Emissary Information Disclosure Vulnerability
Emissary is a software application. A P2P-based data-driven workflow engine that runs across heterogeneous and potentially widely distributed multi-tier P2P network computing resources. An information disclosure vulnerability exists in Emissary version 5.9.0, which can be exploited by an attacker...
Cisco StarOS Arbitrary File Read Vulnerability
Cisco StarOS is a router operating system that controls the entire system logic and can control processes and CLIs. An arbitrary file read vulnerability exists in Secure FTP SFTP in Cisco StarOS versions prior to 21.19.7 used in Cisco ASR 5000 series routers, which can be exploited by an attacker...
Exploit for CVE-2020-1938
It is an exploit module for CNVD-2020-10487 CVE-2020-1938, a file read vulnerability in Tomcat AJP. The vulnerability allows an attacker to read files on the server by sending a specially crafted AJP request. The exploit is implemented in Python 2.7 and uses the ajpy library to interact with the...
Exploit for CVE-2020-1938
CVE-2020-1938 Tomcat-fileinclude and filered Exploita...
Exploit for Path Traversal in Mikrotik Routeros
WinboxExploit This is a proof of concept of the critical WinBo...