Lucene search
+L

306 matches found

cve
cve
added 6 days ago9 views

CVE-2026-41878

Vulnerability (CVE-2026-41878) in R-SOFT DMS: Insecure Direct Object Reference (IDOR) affecting multiple file download endpoints. The app fetches files from the database by ID and serves them to any request, relying solely on session authentication, enabling a valid user to access any file. Repor...

7.1CVSS6.1AI score0.0047EPSS
Exploits0References1
osv
osv
added 2026/07/08 1:16 a.m.6 views

DEBIAN-CVE-2026-59995

sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when "sftp server:/path ." is used with an attacker-controlled server...

5.4CVSS6AI score0.00241EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/07/07 8:23 p.m.5 views

CVE-2026-53729

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, any authenticated user can download /exportCenter/download/id, delete /exportCenter/delete, retry /exportCenter/retry/id, or generate download links /exportCenter/generateDownloadUri/id for export tasks belonging t...

8.7CVSS5.9AI score0.00391EPSS
Exploits0References4Affected Software1
nvd
nvd
added 2026/05/29 4:16 p.m.16 views

CVE-2018-25393

Navigate CMS 2.8.5 contains a path traversal vulnerability that allows authenticated users to download arbitrary files by injecting directory traversal sequences in the id parameter. Attackers can send GET requests to navigatedownload.php with path traversal payloads ../../../cfg/globals.php to...

7.1CVSS0.00565EPSS
Exploits0References4
github
github
added 2026/05/11 7:40 p.m.12 views

MantisBT Vulnerable to Stored XSS in File Download

Using showinline=1 parameter and a valid fileshowinlinetoken CSRF token on filedownload.php, an attacker can execute code by uploading a crafted XHTML attachment referencing a JavaScript attachment. Impact Cross-site scripting Patches - 26647b2e68ba30b9d7987d4e03d7a16416684bc2 Workarounds None...

7.5CVSS6AI score0.00349EPSS
Exploits0References6Affected Software1
nvd
nvd
added 2026/02/18 10:16 p.m.8 views

CVE-2019-25351

Centova Cast 3.2.11 contains a file download vulnerability that allows authenticated attackers to retrieve arbitrary system files through the server.copyfile API endpoint. Attackers can exploit the vulnerability by supplying crafted parameters to download sensitive files like /etc/passwd using cu...

8.8CVSS0.00282EPSS
Exploits0References3
osv
osv
added 2026/02/11 10:15 p.m.11 views

CVE-2024-50617

Vulnerabilities in the File Download and Get File handler components in CIPPlanner CIPAce before 9.17 allow attackers to download unauthorized files. An authenticated user can easily change the file id parameter or pass the physical file path in the URL query string to retrieve the files. Retriev...

7.5CVSS5.8AI score0.00232EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/02/11 12:0 a.m.5 views

PT-2026-7720

Vulnerabilities in the File Download and Get File handler components in CIPPlanner CIPAce before 9.17 allow attackers to download unauthorized files. An authenticated user can easily change the file id parameter or pass the physical file path in the URL query string to retrieve the files. Retriev...

5.3AI score0.00232EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/02/11 12:0 a.m.1 views

CVE-2024-50617

Vulnerabilities in the File Download and Get File handler components in CIPPlanner CIPAce before 9.17 allow attackers to download unauthorized files. An authenticated user can easily change the file id parameter or pass the physical file path in the URL query string to retrieve the files. Retriev...

5.3AI score0.00232EPSS
Exploits0References1
osv
osv
added 2026/02/05 5:16 p.m.5 views

CVE-2020-37117

jizhiCMS 1.6.7 contains a file download vulnerability in the admin plugins update endpoint that allows authenticated administrators to download arbitrary files. Attackers can exploit the vulnerability by sending crafted POST requests with malicious filepath and downloadurl parameters to trigger...

8.6CVSS6.1AI score
Exploits0References3
attackerkb
attackerkb
added 2026/02/05 4:13 p.m.5 views

CVE-2020-37117

jizhiCMS 1.6.7 contains a file download vulnerability in the admin plugins update endpoint that allows authenticated administrators to download arbitrary files. Attackers can exploit the vulnerability by sending crafted POST requests with malicious filepath and downloadurl parameters to trigger...

8.8CVSS5.6AI score0.00687EPSS
Exploits1References3Affected Software1
euvd
euvd
added 2026/01/15 3:52 p.m.4 views

EUVD-2026-2777

Oliver Library Server v5 contains a file download vulnerability that allows unauthenticated attackers to access arbitrary system files through unsanitized input in the FileServlet endpoint. Attackers can exploit the vulnerability by manipulating the 'fileName' parameter to download sensitive file...

9.8CVSS6.5AI score0.00753EPSS
Exploits1References4
redhatcve
redhatcve
added 2026/01/09 12:46 p.m.9 views

CVE-2005-1575

The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote attackers to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containing whitespace, dots, or ASCII byte 160...

5CVSS7.1AI score0.01109EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 12:43 p.m.8 views

CVE-2005-1576

The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP header to determine the file type, but saves the original file extension when "Save to Disk" is selected, which allows remote attackers to hide the real file types of downloaded files...

2.6CVSS7AI score0.01119EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/01/09 12:32 p.m.5 views

CVE-2023-31250

The file download facility doesn't sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they should not have access to. Some sites may require configuration changes following this security release. Review the release notes for your...

6.5CVSS6.7AI score0.0054EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 8:37 a.m.9 views

CVE-2020-7846

Helpcom before v10.0 contains a file download and execution vulnerability caused by storing hardcoded cryptographic key. It finally leads to a file download and execution via access to crafted web page...

8.8CVSS6.9AI score0.01027EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 8:36 a.m.10 views

CVE-2020-7874

Download of code without integrity check vulnerability in NEXACRO14 Runtime ActiveX control of tobesoft Co., Ltd allows the attacker to cause an arbitrary file download and execution. This vulnerability is due to incomplete validation of file download URL or file extension...

8.8CVSS7.4AI score0.00584EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 8:36 a.m.13 views

CVE-2020-7803

IMGTech Co,Ltd ZInsX.ocx ActiveX Control in Zoneplayer 2.0.1.3, version 2.0.1.4 and prior versions on Windows. File Donwload vulnerability in ZInsX.ocx of IMGTech Co,Ltd Zoneplayer allows attacker to cause arbitrary code execution...

8.8CVSS7.3AI score0.01168EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/01/08 12:0 a.m.6 views

OPEXUS eComplaint 安全漏洞

OPEXUS eComplaint is a complaint and grievance management platform from OPEXUS USA. A security vulnerability exists in OPEXUS eComplaint versions prior to 9.0.45.0 that originates from an attacker being able to traverse the chargeNumber value, potentially resulting in a file download...

8.7CVSS6.6AI score0.00324EPSS
Exploits0References2
cvelist
cvelist
added 2025/12/17 10:44 p.m.32 views

CVE-2023-53930 ProjectSend r1605 Insecure Direct Object Reference File Download Vulnerability

ProjectSend r1605 contains an insecure direct object reference vulnerability that allows unauthenticated attackers to download private files by manipulating the download ID parameter. Attackers can access any user's private files by changing the 'id' parameter in the download request to process.p...

7.5CVSS0.00323EPSS
Exploits1References3
Rows per page
Query Builder