CVE-2023-4171

A vulnerability classified as problematic was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This vulnerability affects unknown code of the file \Service\FileDownload.ashx. The manipulation of the argument Files leads to path traversal: '../filedir'. The attack can be...

CVE-2024-13991 Huijietong Cloud Video Platform fileDownload Arbitrary File Read

Huijietong Cloud Video Platform contains a path traversal vulnerability that allows an unauthenticated attacker can supply arbitrary file paths to the fullPath parameter of the /fileDownload?action=downloadBackupFile endpoint and retrieve files from the server filesystem. VulnCheck has observed...

EUVD-2015-1011

Malware in sbrugna...

EUVD-2015-1012

Malware in sbrugna...

EUVD-2015-1010

Malware in sbrugna...

EUVD-2024-35185

Malicious code in bioql PyPI...

CVE-2024-35081

LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter in the fileDownload method...

CVE-2024-35081

LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter in the fileDownload method...

CVE-2024-35081

LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter in the fileDownload method...

CVE-2024-35081

LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter in the fileDownload method...

CVE-2024-35081

LuckyFrameWeb v3.5.2 is affected by CVE-2024-35081: an arbitrary file deletion vulnerability exposed through the fileName parameter in the fileDownload method. The issue allows deletion of files and is described as a security vulnerability with high integrity impact (I: high) while confidentialit...

LuckyFrameWeb 安全漏洞

LuckyFrameWeb is an open source testing platform open source by LuckyFrameWeb. A security vulnerability exists in LuckyFrameWeb version v3.5.2, which originates from an arbitrary file deletion via the fileName parameter in the fileDownload method...

CVE-2024-33118

LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary read vulnerability via the fileDownload method in class com.luckyframe.project.common.CommonController...

PT-2024-25120 · Unknown · Luckyframeweb

Name of the Vulnerable Software and Affected Versions: LuckyFrameWeb version 3.5.2 Description: The issue is related to an arbitrary read vulnerability. It affects the fileDownload method in the class com.luckyframe.project.common.CommonController. Recommendations: For LuckyFrameWeb version 3.5.2...

LuckyFrameWeb 安全漏洞

LuckyFrameWeb is an open source testing platform open-sourced by LuckyFrameWeb. A security vulnerability exists in LuckyFrameWeb version v3.5.2, which was discovered to contain an arbitrary read vulnerability via the fileDownload method in the com.luckyframe.project.common.CommonController class...

CVE-2024-33118

LuckyFrameWeb v3.5.2 is affected by an arbitrary read in the fileDownload method of com.luckyframe.project.common.CommonController. Evidence from multiple sources confirms the vulnerable version and component, with CVSSv3.1 base score 7.5 (HIGH) and network attack vector. Technical details across...

CVE-2024-33118

LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary read vulnerability via the fileDownload method in class com.luckyframe.project.common.CommonController...

PT-2024-20241 · Unknown · Novel-Plus

Name of the Vulnerable Software and Affected Versions: Novel-Plus versions 4.3.0-RC1 and prior Description: An arbitrary file download issue exists, allowing an attacker to download files by passing specially crafted filePath and fileName parameters to the fileDownload function in the...

CVE-2023-4171

A vulnerability classified as problematic was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This vulnerability affects unknown code of the file \Service\FileDownload.ashx. The manipulation of the argument Files leads to path traversal: '../filedir'. The attack can be...

CVE-2023-4171 Chengdu Flash Flood Disaster Monitoring and Warning System FileDownload.ashx path traversal

A vulnerability classified as problematic was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This vulnerability affects unknown code of the file \Service\FileDownload.ashx. The manipulation of the argument Files leads to path traversal: '../filedir'. The attack can be...