CVE-2026-7213

A vulnerability was detected in ef10007 MLOpsMCP 1.0.0. This impacts an unknown function of the file fastmcpserver.py of the component savefile Tool. The manipulation of the argument filename/destination results in path traversal. The attack may be performed from remote. The exploit is now public...

CVE-2026-5597

A flaw has been found in griptape-ai griptape 0.19.4. This affects an unknown part of the file griptape\tools\computer\tool.py of the component ComputerTool. Executing a manipulation of the argument filename can lead to path traversal. It is possible to launch the attack remotely. The exploit has...

CVE-2026-5597 griptape-ai griptape ComputerTool tool.py path traversal

A flaw has been found in griptape-ai griptape 0.19.4. This affects an unknown part of the file griptape\tools\computer\tool.py of the component ComputerTool. Executing a manipulation of the argument filename can lead to path traversal. It is possible to launch the attack remotely. The exploit has...

EUVD-2026-10202

A vulnerability has been found in SourceCodester Modern Image Gallery App 1.0. Impacted is an unknown function of the file /delete.php. Such manipulation of the argument filename leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public an...

PT-2026-23895

Name of the Vulnerable Software and Affected Versions SourceCodester Modern Image Gallery App version 1.0 Description A path traversal issue exists in SourceCodester Modern Image Gallery App version 1.0. The issue is located in the /delete.php file, specifically affecting an unknown function...

CVE-2026-2551 ZenTao Backup control.php delete path traversal

A vulnerability was determined in ZenTao up to 21.7.8. Affected by this vulnerability is the function delete of the file editor/control.php of the component Backup Handler. This manipulation of the argument fileName causes path traversal. It is possible to initiate the attack remotely. The exploi...

CVE-2025-15431

A flaw has been found in UTT 进取 512W 1.7.7-171114. This affects the function strcpy of the file /goform/formFtpServerDirConfig. Executing a manipulation of the argument filename can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. The...

EUVD-2007-4424

Malware in sbrugna...

EUVD-2005-0398

Malware in sbrugna...

EUVD-2008-1465

Malware in sbrugna...

EUVD-2005-2278

Malware in sbrugna...

EUVD-2024-49353

Malicious code in bioql PyPI...

EUVD-2021-30243

Malicious code in bioql PyPI...

CVE-2025-9575 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 upload.cgi cgiMain os command injection

A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function cgiMain of the file /cgi-bin/upload.cgi. Executing manipulation of the argument filename can lead to os command...

PT-2025-34680 · Lostvip Com · Ruoyi-Go

Name of the Vulnerable Software and Affected Versions: lostvip-com ruoyi-go versions prior to 2.1 Description: A security flaw exists in the DownloadTmp/DownloadUpload function within the modules/system/controller/CommonController.go file. Manipulation of the fileName argument can lead to a path...

PT-2025-29271 · Unknown · Kone-Net Go-Chat

Name of the Vulnerable Software and Affected Versions: kone-net go-chat affected versions not specified Description: A critical issue exists in the Endpoint component of kone-net go-chat. The GetFile function within go-chat/api/v1/file controller.go is susceptible to path traversal due to...

PT-2025-24440

Name of the Vulnerable Software and Affected Versions Whistle version 2.9.98 Description A vulnerability has been found in the file /cgi-bin/sessions/get-temp-file, where the manipulation of the filename argument leads to path traversal. The exploit has been disclosed to the public and may be use...

PT-2025-22870 · H3C · H3C Seccenter Smp-E1114P02

Name of the Vulnerable Software and Affected Versions: H3C SecCenter SMP-E1114P02 up to 20250513 Description: A vulnerability was found in the function downloadSoftware of the file /cfgFile/downloadSoftware. The manipulation of the argument filename leads to path traversal. The attack can be...

CVE-2023-6362

A vulnerability has been discovered in Winhex affecting version 16.1 SR-1 and 20.4. This vulnerability consists of a buffer overflow controlling the Structured Exception Handler SEH registers. This could allow attackers to execute arbitrary code via a long filename argument...

CVE-2023-6361

A vulnerability has been discovered in Winhex affecting version 16.1 SR-1 and 20.4. This vulnerability consists of a buffer overflow controlling the Structured Exception Handler SEH registers. This could allow attackers to execute arbitrary code via a long filename argument...