Lucene search
K

6474 matches found

Nuclei
Nuclei
added 12 hours ago51 views

Lawo AG vsm LTC Time Sync (vTimeSync) - Path Traversal

The web server of Lawo AG vsm LTC Time Sync vTimeSync is affected by a "..." triple dot path traversal vulnerability. By sending a specially crafted HTTP request, an unauthenticated remote attacker could download arbitrary files from the operating system. As a limitation, the exploitation is only...

7.5CVSS7.4AI score0.04325EPSS
Exploits1References5
Nuclei
Nuclei
added 12 hours ago30 views

Wipro Holmes Orchestrator 20.4.1 - Arbitrary File Download

The File Download API in Wipro Holmes Orchestrator 20.4.1 20.4.102112020 allows remote attackers to read arbitrary files via absolute path traversal in the SearchString JSON field in /home/download POST data. id: CVE-2021-38146 info: name: Wipro Holmes Orchestrator 20.4.1 - Arbitrary File Downloa...

7.5CVSS7.3AI score0.11733EPSS
Exploits3References4
Nuclei
Nuclei
added 12 hours ago38 views

Sante PACS Server.exe - Path Traversal Information Disclosure

A Path Traversal Information Disclosure vulnerability exists in "Sante PACS Server.exe". An unauthenticated remote attacker can exploit it to download arbitrary files on the disk drive where the application is installed. id: CVE-2025-2264 info: name: Sante PACS Server.exe - Path Traversal...

7.5CVSS7.4AI score0.38656EPSS
Exploits2References1
Nuclei
Nuclei
added 12 hours ago21 views

Longjing Technology BEMS API 1.21 - Unauthenticated Arbitrary File Download

Longjing Technology BEMS API 1.21 is vulnerable to local file inclusion. Input passed through the fileName parameter through the downloads API endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files...

8.7CVSS7.2AI score0.01378EPSS
Exploits1References5
Nuclei
Nuclei
added 12 hours ago55 views

WordPress Eventin (Themewinter) ≤ 4.0.26 - Arbitrary File Download

Themewinter Eventin contains a path traversal caused by relative path manipulation, letting attackers access arbitrary files on the server, exploit requires no specific privileges or user interaction. id: CVE-2025-47445 info: name: WordPress Eventin Themewinter ≤ 4.0.26 - Arbitrary File Download...

9.8CVSS7.3AI score0.0465EPSS
Exploits1References3
Nuclei
Nuclei
added 3 days ago533 views

WordPress Automatic Plugin <3.92.1 - Arbitrary File Download and SSRF

WordPress Automatic plugin 3.92.1 is vulnerable to unauthenticated Arbitrary File Download and SSRF Located in the downloader.php file, could permit attackers to download any file from a site. Sensitive data, including login credentials and backup files, could fall into the wrong hands. This...

9.9CVSS7.3AI score0.93971EPSS
Exploits18References3
Nuclei
Nuclei
added 4 days ago29 views

GDidees CMS v3.9.1 - Arbitrary File Download

GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /admin/imgdownload.php. id: CVE-2023-27179 info: name: GDidees CMS v3.9.1 - Arbitrary File Download author: theamanrawat severity: high description: | GDidees CMS v3.9.1 a...

7.5CVSS7.2AI score0.60793EPSS
Exploits4References5
OSV
OSV
added 2026/06/29 11:50 a.m.4 views

PYSEC-2026-357 internetarchive Vulnerable to Directory Traversal in File.download()

Impact What kind of vulnerability is it? This is a Critical severity directory traversal path traversal vulnerability in the File.download method of the internetarchive library. Who is impacted? All users of the internetarchive library versions 5.5.1 are impacted. The vulnerability is particularl...

9.4CVSS6AI score0.01402EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/26 8:55 p.m.30 views

CVE-2026-49984 Kestra: Path traversal in `LocalStorage` allows any authenticated user to read arbitrary server files via the execution file-download API (`\..\` bypasses the `..` guard)

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.23, the local internal-storage backend validates user-supplied paths for .. traversal before it converts Windows-style backslashes to forward slashes. An attacker can therefore smuggle a traversal sequence past...

7.7CVSS0.00386EPSS
Exploits1References1
CVE
CVE
added 2026/06/26 8:55 p.m.19 views

CVE-2026-49984

CVE-2026-49984 – Kestra : A path traversal vulnerability in the LocalStorage backend allows any authenticated user who can view an execution to read arbitrary files on the server. Before patching, the LocalStorage path validator mishandles Windows-style backslashes, letting an attacker smuggle tr...

7.7CVSS6AI score0.00386EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2026/06/25 4:16 p.m.7 views

CVE-2026-48944

The K2 frontend article-save handler accepts an attachmentNexisting POST field that is concatenated with JPATHSITE/ and passed to JFile::copy. JPath::clean does NOT strip .., and there is no allow-list of source paths. An Author can therefore copy configuration.php or any other file readable by t...

6.5CVSS0.00295EPSS
Exploits0References1
Nuclei
Nuclei
added 2026/06/25 5:45 a.m.96 views

SimpleHelp <= 5.5.7 - Unauthenticated Path Traversal

SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files include server configuration files containing...

9.1CVSS7.6AI score0.95151EPSS
Exploits2References2
NVD
NVD
added 2026/06/23 7:16 a.m.12 views

CVE-2026-8379

The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly enforce its nonce check on the file download handler, allowing unauthenticated attackers to download files uploaded by any user through the Frontend File Manager Plugin WordPress plugin through 23.6 by iterating...

7.5CVSS0.0024EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 6:0 a.m.37 views

CVE-2026-8379 Frontend File Manager Plugin <= 23.6 - Unauthenticated Arbitrary File Download

The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly enforce its nonce check on the file download handler, allowing unauthenticated attackers to download files uploaded by any user through the Frontend File Manager Plugin WordPress plugin through 23.6 by iterating...

0.0024EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 6:0 a.m.6 views

EUVD-2026-38420

The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly enforce its nonce check on the file download handler, allowing unauthenticated attackers to download files uploaded by any user through the Frontend File Manager Plugin WordPress plugin through 23.6 by iterating...

7.5CVSS5.9AI score0.0024EPSS
Exploits0References1
CVE
CVE
added 2026/06/23 6:0 a.m.13 views

CVE-2026-8379

The CVE-2026-8379 entry concerns the Frontend File Manager Plugin for WordPress (≤ 23.6). The vulnerability is a failure to properly enforce nonce verification on the file download handler, enabling unauthenticated attackers to download files uploaded by any user by iterating identifiers. The iss...

7.5CVSS5.9AI score0.0024EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 6:0 a.m.7 views

CVE-2026-8379

The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly enforce its nonce check on the file download handler, allowing unauthenticated attackers to download files uploaded by any user through the Frontend File Manager Plugin WordPress plugin through 23.6 by iterating...

5.9AI score0.0024EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.16 views

PT-2026-51479

Name of the Vulnerable Software and Affected Versions Frontend File Manager Plugin versions prior to 23.7 Description An issue exists where the file download handler does not properly enforce its nonce check. A nonce number used once is a security token used to prevent cross-site request forgery...

7.5CVSS5.7AI score0.0024EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the iframe Sandbox in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to bypass file download restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS6.8AI score0.00595EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/17 6:35 p.m.10 views

EUVD-2026-37647

Unauthenticated Arbitrary File Download in WP Media folder Addon = 4.0.1 versions...

7.5CVSS5.2AI score0.00467EPSS
Exploits0References2
Rows per page
Query Builder