
13 matches found

RedhatCVE
added 2026/01/10 5:40 a.m. | 3 views

CVE-2026-22256

Salvo is a Rust web backend framework. Prior to version 0.88.1, the function listhtml generates a file view of a folder that includes a render of the current path, which is inserted into the HTML without proper sanitization. This leads to reflected XSS using the fact that request path is decoded...

CVSS 8.8 | AI score 6.2 | EPSS 0.0003
Exploits: 1 | References: 1
EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2023-52318

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.6 | EPSS 0.00259
Exploits: 0 | References: 1
NVD
added 2024/11/26 8:15 p.m. | 18 views

CVE-2024-11145

Valor Apps Easy Folder Listing Pro has a deserialization vulnerability that allows an unauthenticated, remote attacker to execute arbitrary code with the privileges of the Joomla! application. Fixed in versions 3.8 and 4.5...

CVSS 9.8 | EPSS 0.0472
Exploits: 0 | References: 2
Vulnrichment
added 2024/11/26 7:17 p.m. | 18 views

CVE-2024-11145 Easy Folder Listing Pro deserialization vulnerability

Valor Apps Easy Folder Listing Pro has a deserialization vulnerability that allows an unauthenticated, remote attacker to execute arbitrary code with the privileges of the Joomla! application. Fixed in versions 3.8 and 4.5...

CVSS 9.8 | AI score 8 | EPSS 0.0472
Exploits: 0 | References: 2
Cvelist
added 2024/11/26 7:17 p.m. | 10 views

CVE-2024-11145 Easy Folder Listing Pro deserialization vulnerability

Valor Apps Easy Folder Listing Pro has a deserialization vulnerability that allows an unauthenticated, remote attacker to execute arbitrary code with the privileges of the Joomla! application. Fixed in versions 3.8 and 4.5...

CVSS 9.8 | EPSS 0.0472
Exploits: 0 | References: 2
Positive Technologies
added 2024/11/26 12:0 a.m. | 3 views

PT-2024-16787 · Valor Apps · Easy Folder Listing Pro

Name of the Vulnerable Software and Affected Versions: Valor Apps Easy Folder Listing Pro versions prior to 3.8 and 4.5
Description: The issue is a deserialization vulnerability that allows an unauthenticated, remote attacker to execute arbitrary code with the privileges of the Joomla! applicatio...

CVSS 9.8 | AI score 8.3 | EPSS 0.0472
Exploits: 0 | References: 6
CNNVD
added 2024/11/26 12:0 a.m. | 1 views

Valor Apps Easy Folder Listing Pro Security Vulnerability

Valor Apps Easy Folder Listing Pro is a flexible, easy-to-use extension from Valor Apps for listing the contents of any folder. A security vulnerability exists in Valor Apps Easy Folder Listing Pro versions prior to 4.5, which stems from the presence of a deserialization vulnerability that allows...

CVSS 9.8 | AI score 7.3 | EPSS 0.0472
Exploits: 0 | References: 2
Vulnrichment
added 2024/01/10 10:42 a.m. | 1 views

CVE-2023-48249

The vulnerability allows an authenticated remote attacker to list arbitrary folders in all paths of the system under the context of the application OS user “root” via a crafted HTTP request. By abusing this vulnerability, it is possible to steal session cookies of other active users...

CVSS 6.5 | AI score 7 | EPSS 0.00259
Exploits: 0 | References: 1
CNNVD
added 2024/01/10 12:0 a.m. | 1 views

Bosch Nexo Cordless nutrunner Security Vulnerability

Bosch Nexo Cordless nutrunner is a series of cordless tightening wrenches with integrated controls from Bosch Germany. A security vulnerability exists in Bosch Nexo cordless nutrunner. The vulnerability allows an authenticated, remote attacker to list arbitrary folders in all paths of the system...

CVSS 6.5 | AI score 6.8 | EPSS 0.00259
Exploits: 0 | References: 2
RedhatCVE
added 2019/10/04 9:57 p.m. | 13 views

CVE-2008-1291

ViewVC before 1.0.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read files and list folders under the hidden CVSROOT folder...

CVSS 4.3 | AI score 6.5 | EPSS 0.00662
Exploits: 0 | References: 3
Vulnerability Lab
added 2013/12/05 12:0 a.m. | 16 views

Feetan Inc WireShare v1.9.1 iOS - Persistent Vulnerability

Document Title: Feetan Inc WireShare v1.9.1 iOS - Persistent Vulnerability
References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1157
Release Date: 2013-12-05
Vulnerability Laboratory ID (VL-ID): ...

AI score 7.4
Exploits: 0
ATTACKERKB
added 2011/10/09 10:55 a.m. | 1 views

CVE-2010-4963

SQL injection vulnerability in folder/list in Hulihan BXR 0.6.8 allows remote attackers to execute arbitrary SQL commands via the orderby parameter...

CVSS 7.5 | AI score 6.4 | EPSS 0.01527
Exploits: 1 | References: 8
Debian CVE
added 2008/03/24 5:0 p.m. | 26 views

CVE-2008-1291

Removed by vendor...

CVSS 4.3 | AI score 6.7 | EPSS 0.00662
Exploits: 0