Lucene search
K

145 matches found

OSV
OSV
added 2026/02/03 10:16 p.m.5 views

CVE-2020-37088

School ERP Pro 1.0 contains a file disclosure vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the 'document' parameter in download.php. Attackers can access sensitive configuration files by supplying directory traversal paths to retrieve system...

7.5CVSS5.9AI score0.02564EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.19 views

EUVD-2021-2003

Malware in sbrugna...

5.3CVSS5.7AI score0.01178EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2002-2166

Malware in sbrugna...

5CVSS6.4AI score0.0115EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-28622

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.01973EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-41747

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01434EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-12108

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.0116EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-12113

Malicious code in bioql PyPI...

4.4CVSS5.1AI score0.00542EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-42161

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.01031EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/07/18 9:58 p.m.14 views

CVE-2025-34119

A remote file disclosure vulnerability exists in EasyCafe Server 2.2.14, exploitable by unauthenticated remote attackers via TCP port 831. The server listens for a custom protocol where opcode 0x43 can be used to request arbitrary files by absolute path. If the file exists and is accessible, its...

8.8CVSS7.4AI score0.01519EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:19 a.m.5 views

CVE-2024-48647

A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote attackers to retrieve arbitrary files from the server's file system by manipulating the URL parameter in HTTP requests. The attacker can exploit this flaw to access sensitive information, including...

7.2CVSS6.9AI score0.00757EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:21 a.m.20 views

CVE-2023-38344

An issue was discovered in Ivanti Endpoint Manager before 2022 SU4. A file disclosure vulnerability exists in the GetFileContents SOAP action exposed via /landesk/managementsuite/core/core.secure/OsdScript.asmx. The application does not sufficiently restrict user-supplied paths, allowing for an...

6.5CVSS6.7AI score0.01031EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:21 p.m.5 views

CVE-2021-41608

A file disclosure vulnerability in the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET before 5.052.000 allows a remote, unauthenticated attacker to retrieve survey user submitted data by modifying the value of the ID parameter in sequential order beginning from 1...

7.5CVSS6.8AI score0.01973EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 7:46 p.m.9 views

CVE-2021-32822

The npm hbs package is an Express view engine wrapper for Handlebars. Depending on usage, users of hbs may be vulnerable to a file disclosure vulnerability. There is currently no patch for this vulnerability. hbs mixes pure template data with engine configuration options through the Express rende...

5.3CVSS6.5AI score0.01178EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/21 10:40 p.m.8 views

CVE-2002-2187

Unknown "file disclosure" vulnerability in Macromedia JRun 3.0, 3.1, and 4.0, related to a log file or jrun.ini, with unknown impact...

5CVSS6.9AI score0.0115EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/03/04 2:38 p.m.6 views

jenkins-plugin/script-security: Jenkins Script Security Plugin File Disclosure Vulnerability

A flaw was found in the Jenkins Script Security Plugin. This vulnerability allows attackers with Overall/Read permission to check for the existence of files on the controller file system via a method that implements form validation that does not perform a permission check...

4.3CVSS5.8AI score0.0036EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/03/04 2:38 p.m.15 views

Important: Red Hat Security Advisory: Red Hat Product OCP Tools 4.17 Openshift Jenkins security update

An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.17. Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8CVSS6.7AI score0.15413EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2024/11/12 12:0 a.m.5 views

Synology DiskStation Manager (DSM) File Disclosure Vulnerability (Synology-SA-24:20) - Remote Known Vulnerable Versions Check

Synology DiskStation Manager DSM is prone to a file disclosure vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.3CVSS6.7AI score0.26952EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/10/30 12:0 a.m.15 views

CVE-2024-48647

A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote attackers to retrieve arbitrary files from the server's file system by manipulating the URL parameter in HTTP requests. The attacker can exploit this flaw to access sensitive information, including...

0.00757EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/10/30 12:0 a.m.9 views

CVE-2024-48647

A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote attackers to retrieve arbitrary files from the server's file system by manipulating the URL parameter in HTTP requests. The attacker can exploit this flaw to access sensitive information, including...

7AI score0.00757EPSS
Exploits2References1
0day.today
0day.today
added 2024/10/25 12:0 a.m.298 views

ABB Cylon Aspect 3.08.02 logYumLookup.php Authenticated File Disclosure Vulnerability

ABB Cylon Aspect version 3.08.02 suffers from an authenticated arbitrary file disclosure vulnerability. Input passed through the logFile GET parameter via the logYumLookup.php script is not properly verified before being used to download log files. This can be exploited to disclose the contents o...

6.9AI score
Exploits0
Rows per page
Query Builder