10 matches found
Path Traversal
saloonphp/saloon is vulnerable to Path Traversal. The vulnerability is due to lack of validation of fixture names used in file path construction, which allows an attacker to manipulate paths and read or write arbitrary files outside the intended directory...
CVE-2026-33183
Saloon is a PHP library that gives users tools to build API integrations and SDKs. Prior to version 4.0.0, fixture names were used to build file paths under the configured fixture directory without validation. A name containing path segments e.g. ../traversal or ../../etc/passwd resulted in a pat...
CVE-2026-33183
Saloon is a PHP library that gives users tools to build API integrations and SDKs. Prior to version 4.0.0, fixture names were used to build file paths under the configured fixture directory without validation. A name containing path segments e.g. ../traversal or ../../etc/passwd resulted in a pat...
CVE-2026-33183 Saloon has a Fixture Name Path Traversal Vulnerability
Saloon is a PHP library that gives users tools to build API integrations and SDKs. Prior to version 4.0.0, fixture names were used to build file paths under the configured fixture directory without validation. A name containing path segments e.g. ../traversal or ../../etc/passwd resulted in a pat...
CVE-2026-33183 Saloon has a Fixture Name Path Traversal Vulnerability
Saloon is a PHP library that gives users tools to build API integrations and SDKs. Prior to version 4.0.0, fixture names were used to build file paths under the configured fixture directory without validation. A name containing path segments e.g. ../traversal or ../../etc/passwd resulted in a pat...
CVE-2026-33183 Saloon has a Fixture Name Path Traversal Vulnerability
Saloon is a PHP library that gives users tools to build API integrations and SDKs. Prior to version 4.0.0, fixture names were used to build file paths under the configured fixture directory without validation. A name containing path segments e.g. ../traversal or ../../etc/passwd resulted in a pat...
CVE-2026-33183
Saloon is a PHP library for API integrations. CVE-2026-33183 (preβ4.0.0) describes a path-traversal in fixture handling: fixture names could be treated as file paths under the fixture directory, allowing ../ traversal to escape the base directory and read/write arbitrary files if the fixture name...
CVE-2026-33183
Saloon is a PHP library that gives users tools to build API integrations and SDKs. Prior to version 4.0.0, fixture names were used to build file paths under the configured fixture directory without validation. A name containing path segments e.g. ../traversal or ../../etc/passwd resulted in a pat...
Saloon has a Fixture Name Path Traversal Vulnerability
Impact Users with MockResponse fixtures that use path traversal. Patches Upgrade to Saloon v4+ Upgrade guide: https://docs.saloon.dev/upgrade/upgrading-from-v3-to-v4 Description Fixture names were used to build file paths under the configured fixture directory without validation. A name containin...
PT-2026-28161
Name of the Vulnerable Software and Affected Versions Saloon versions prior to 4.0.0 Description Saloon is a PHP library used for building API integrations and SDKs. Prior to version 4.0.0, the library lacked validation when constructing file paths from fixture names. This allowed names containin...