CVE-2024-4040

A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code...

F5 F5OS Path Traversal Vulnerability

F5 F5OS is a proprietary operating system that runs on F5 Corporation's F5 devices to support its application delivery control and security features. A security vulnerability exists in the F5 F5OS QKView utility that originates from allowing an authenticated attacker to read files outside of the...

FreeRDP 路径遍历漏洞

FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. FreeRDP is vulnerable to a path traversal vulnerability that stems from a lack of path normalization and basic path checking for the "drive" channel. An attacker could use this vulnerability to read...

yawcam 0.2.5 - Directory Traversal

source: https://www.securityfocus.com/bid/13295/info Yawcam is prone to a directory traversal vulnerability that could allow attackers to read files outside the Web root. GET ................\windows\system.ini HTTP/1.0 GET ................\windows\system.ini HTTP/1.0...