CVE-2026-7024

A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServlet.java of the component deleteFileServlet Endpoint. Executing a manipulation of the argument...

EUVD-2026-25699

A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServlet.java of the component deleteFileServlet Endpoint. Executing a manipulation of the argument...

CVE-2026-7024 rawchen sims deleteFileServlet Endpoint DeleteFileServlet.java path traversal

A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServlet.java of the component deleteFileServlet Endpoint. Executing a manipulation of the argument...

CVE-2026-7024

A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServlet.java of the component deleteFileServlet Endpoint. Executing a manipulation of the argument...

CVE-2026-7024 rawchen sims deleteFileServlet Endpoint DeleteFileServlet.java path traversal

A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServlet.java of the component deleteFileServlet Endpoint. Executing a manipulation of the argument...

CVE-2021-47755

Oliver Library Server v5 contains a file download vulnerability that allows unauthenticated attackers to access arbitrary system files through unsanitized input in the FileServlet endpoint. Attackers can exploit the vulnerability by manipulating the 'fileName' parameter to download sensitive file...

CVE-2021-47755

Oliver Library Server v5 is affected by an unauthenticated arbitrary file download via the FileServlet endpoint. The root cause is unsanitized input in the fileName parameter, enabling attackers to download arbitrary files from the server filesystem. This impact is described across multiple sourc...

Softlink Oliver Library Server security vulnerability

Softlink Oliver Library Server is a library management system developed by the Australian company Softlink. Version 5 of Softlink Oliver Library Server contains a security vulnerability. This vulnerability stems from uncleaned inputs in the FileServlet endpoint, which may lead to the download of...

Arcserve UDP < 5.0 Update 4 Directory Traversal

The Arcserve Unified Data Protection UDP application running on the remote host is affected by a directory traversal vulnerability. An unauthenticated, remote attacker can exploit this, via a crafted file path to the 1 reportFileServlet or 2 exportServlet servlet, to obtain sensitive information ...

CVE-2021-20123

A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges...

PT-2021-8120 · Draytek · Draytek Vigorconnect

Name of the Vulnerable Software and Affected Versions: Draytek VigorConnect version 1.6.0-B3 Description: A local file inclusion vulnerability exists in the file download functionality of the "DownloadFileServlet" endpoint. An unauthenticated attacker could leverage this vulnerability to download...

SearchBlox 路径遍历漏洞

SearchBlox is an application from US-based SearchBlox, Inc. Provides a powerful enterprise search architecture for on-premise or cloud deployments. A security vulnerability exists in SearchBlox versions prior to 9.2.2 that allows remote, unauthenticated users to read arbitrary files from the...

HP Intelligent Management Center Arbitrary Code Execution Vulnerability (CNVD-2017-33287)

HP Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Fault, Configuration, Accounting, Performance and Security FCAPS model. An arbitrary code execution vulnerability exists in HP Intelligent Management Center, where a remote...

HP Intelligent Management Center Arbitrary Directory Deletion Vulnerability

HP Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Fault, Configuration, Accounting, Performance and Security FCAPS model. An arbitrary directory deletion vulnerability exists in HP Intelligent Management Center, where a remote...

AppFusions Doxygen for Atlassian Confluence Cross-Site Scripting Vulnerability

Doxygen is a popular documentation generator and tool for writing software reference documentation. A cross-site scripting vulnerability exists in AppFusions Doxygen for Atlassian Confluence where the parameter file is not filtered in the DoxygenFileServlet.java file. This allows an attacker to...