38 matches found
EUVD-2014-8619
Malware in sbrugna...
EUVD-2014-8618
Malware in sbrugna...
EUVD-2022-5230
Malicious code in bioql PyPI...
EUVD-2024-53556
Malicious code in bioql PyPI...
CVE-2020-15015
The FileExplorer component in GleamTech FileUltimate 6.1.5.0 allows XSS via an SVG document...
CVE-2024-57249
Incorrect Access Control in the Preview Function of Gleamtech FileVista 9.2.0.0 allows remote attackers to gain unauthorized access via exploiting a vulnerability in access control mechanisms by removing authentication-related HTTP headers, such as the Cookie header, in the request. This bypasses...
Gleamtech FileVista 9.2.0.0 Missing Authorization Vulnerability
A vulnerability exists in Gleamtech FileVista version 9.2.0.0 that allows unauthorized access to image files, even after the HTTP cookie associated with the session is deleted. The issue arises due to insufficient validation of session or authentication tokens on the server side. Exploit Title:...
Gleamtech FileVista 9.2.0.0 Directory Traversal Vulnerability
Exploit Title: Gleamtech FileVista 9.2.0.0 - Directory Traversal Leading to Unrestricted File Upload Date: Feb 6, 2025 Exploit Author: Suthiwat Thepsorn , Theerachai Chanwiroon , Pongtorn Angsuchotmetee , Manich Koomsusi Vendor Homepage: https://www.gleamtech.com/ Software Link:...
CVE-2024-57249
Incorrect Access Control in the Preview Function of Gleamtech FileVista 9.2.0.0 allows remote attackers to gain unauthorized access via exploiting a vulnerability in access control mechanisms by removing authentication-related HTTP headers, such as the Cookie header, in the request. This bypasses...
CVE-2024-57248
Directory Traversal in File Upload in Gleamtech FileVista 9.2.0.0 allows remote attackers to achieve Code Execution, Information Disclosure, and Escalation of Privileges via injecting malicious payloads in HTTP requests to manipulate file paths, bypass access controls, and upload malicious files...
CVE-2024-57249
Incorrect Access Control in the Preview Function of Gleamtech FileVista 9.2.0.0 allows remote attackers to gain unauthorized access via exploiting a vulnerability in access control mechanisms by removing authentication-related HTTP headers, such as the Cookie header, in the request. This bypasses...
PT-2025-5991 · Gleamtech · Gleamtech Filevista
Name of the Vulnerable Software and Affected Versions: Gleamtech FileVista version 9.2.0.0 Description: The issue allows remote attackers to achieve code execution, information disclosure, and escalation of privileges via injecting malicious payloads in HTTP requests to manipulate file paths,...
FileVista 安全漏洞
FileVista is a web file manager from GleamTech Individual Developers. A security vulnerability exists in FileVista version 9.2.0.0 that originates from directory traversal during file uploads and allows remote attackers to execute code, disclose information, and elevate privileges...
CVE-2024-57248
Directory Traversal in File Upload in Gleamtech FileVista 9.2.0.0 allows remote attackers to achieve Code Execution, Information Disclosure, and Escalation of Privileges via injecting malicious payloads in HTTP requests to manipulate file paths, bypass access controls, and upload malicious files...
CVE-2024-57248
Directory Traversal in File Upload in Gleamtech FileVista 9.2.0.0 allows remote attackers to achieve Code Execution, Information Disclosure, and Escalation of Privileges via injecting malicious payloads in HTTP requests to manipulate file paths, bypass access controls, and upload malicious files...
CVE-2024-57249
Incorrect Access Control in the Preview Function of Gleamtech FileVista 9.2.0.0 allows remote attackers to gain unauthorized access via exploiting a vulnerability in access control mechanisms by removing authentication-related HTTP headers, such as the Cookie header, in the request. This bypasses...
Gleamtech FileVista 9.2.0.0 Directory Traversal
A security vulnerability in FileVista version 9.2.0.0 allows an authenticated admin user to upload malicious files via directory traversal, bypassing security controls. Exploit Title: Gleamtech FileVista 9.2.0.0 - Directory Traversal Leading to Unrestricted File Upload Date: Feb 6, 2025 Exploit...
Gleamtech FileVista 9.2.0.0 Missing Authorization
A vulnerability exists in Gleamtech FileVista version 9.2.0.0 that allows unauthorized access to image files, even after the HTTP cookie associated with the session is deleted. The issue arises due to insufficient validation of session or authentication tokens on the server side. Exploit Title:...
GleamTech FileUltimate Cross-site Scripting
The FileExplorer component in GleamTech FileUltimate 6.1.5 allows XSS via an SVG document...
GHSA-RRWX-8WM4-QHH4 GleamTech FileUltimate Cross-site Scripting
The FileExplorer component in GleamTech FileUltimate 6.1.5 allows XSS via an SVG document...