6 matches found
WordPress WP All Import plugin <= 4.0.0 - Reflected Cross-Site Scripting via 'filepath' vulnerability
Reflected Cross-Site Scripting via 'filepath' vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - cyberdogzmarketing.com | krei.dev | ogbuilders.io in WordPress Plugin WP All Import versions <= 4.0.0...
EUVD-2022-4535
Malicious code in bioql PyPI...
Server-side request forgery (SSRF)
FilePath#unzip and FilePath#untar were not subject to any agent-to-controller access control in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier...
Remote Code Execution (RCE)
codiad/codiad is vulnerable to remote code execution (RCE) attacks. The library does not properly escape the filepath, allowing a malicious user to inject and execute arbitrary system commands. This CVE is different from CVE-2017-11366 and CVE-2017-15689...
CVE-2004-1217
Hosting Controller 6.1 Hotfix 1.4, and possibly other versions, allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter to (1) Statsbrowse.asp or (2) Generalbrowse.asp...
CVE-2002-0466
Hosting Controller 1.4.1 and earlier allows remote attackers to browse arbitrary directories via a full C: style pathname in the filepath arguments to (1) Statsbrowse.asp, (2) servubrowse.asp, (3) browsedisk.asp, (4) browsewebalizerexe.asp, or (5) sqlbrowse.asp...