119 matches found
CVE-2025-6209 Arbitrary File Read through Path Traversal in run-llama/llama_index
A path traversal vulnerability exists in run-llama/llamaindex versions 0.12.27 through 0.12.40, specifically within the encodeimage function in genericutils.py. This vulnerability allows an attacker to manipulate the imagepath input to read arbitrary files on the server, including sensitive syste...
CVE-2025-6209 Arbitrary File Read through Path Traversal in run-llama/llama_index
A path traversal vulnerability exists in run-llama/llamaindex versions 0.12.27 through 0.12.40, specifically within the encodeimage function in genericutils.py. This vulnerability allows an attacker to manipulate the imagepath input to read arbitrary files on the server, including sensitive syste...
CVE-2023-5120
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image file path parameter in versions up to, and including, 0.9.89 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with...
CVE-2023-1381
The WP Meta SEO WordPress plugin before 4.5.5 does not validate image file paths before attempting to manipulate the image files, leading to a PHAR deserialization vulnerability. Furthermore, the plugin contains a gadget chain which may be used in certain configurations to achieve remote code...
PHPGurukul Boat Booking System 注入漏洞
PHPGurukul Boat Booking System is a boat booking system from PHPGurukul. An injection vulnerability exists in version 1.0 of the PHPGurukul Boat Booking System, which stems from SQL injection due to incorrect manipulation of the parameter ID in the file /admin/change-image.php...
Directory Traversal
Overview label-studio is a Label Studio annotation tool Affected versions of this package are vulnerable to Directory Traversal via the download function due to improper input validation when processing image references during task exports. . An attacker can access files outside the intended...
PT-2024-7419 · Splunk · Splunk Enterprise
Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions 9.1.6, 9.2.3, and 9.3.0 Description: A low-privileged user without the "admin" or "power" Splunk roles could view images on the machine that runs Splunk Enterprise by using the PDF export feature in Splunk classic...
PT-2024-20543 · Unknown · Casaos-Userservice
Name of the Vulnerable Software and Affected Versions: CasaOS-UserService versions prior to 0.4.7 Description: The issue concerns a path traversal vulnerability in the UserService API, which allows an unauthorized actor to access any file on the system due to insufficient path filtering for user...
Arbitrary File Read
com.bstek.ureport/ureport2-core is vulnerable to Arbitrary File Read. The vulnerability is due to a lack of image path santization. The image path provided by the user is directly append to the obtained path into the FileInputStream method. This allows an attacker to submit malicious data, leadin...
CVE-2023-6307 jeecgboot JimuReport image path traversal
A vulnerability classified as critical was found in jeecgboot JimuReport up to 1.6.1. Affected by this vulnerability is an unknown functionality of the file /download/image. The manipulation of the argument imageUrl leads to relative path traversal. The attack can be launched remotely. The exploi...
CVE-2023-5120
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image file path parameter in versions up to, and including, 0.9.89 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with...
PT-2023-28907 · Unknown · Shokoserver
Name of the Vulnerable Software and Affected Versions: ShokoServer affected versions not specified Description: The issue affects ShokoServer, a media server for organizing anime. In affected versions, the "/api/Image/WithPath" endpoint is accessible without authentication and is supposed to retu...
VulnCheck KEV: CVE-2022-31374
An arbitrary file upload vulnerability /images/background/1.php in of SolarView Compact 6.0 allows attackers to execute arbitrary code via a crafted php file...
CVE-2023-1381
The WP Meta SEO WordPress plugin before 4.5.5 does not validate image file paths before attempting to manipulate the image files, leading to a PHAR deserialization vulnerability. Furthermore, the plugin contains a gadget chain which may be used in certain configurations to achieve remote code...
WordPress plugin WP Meta SEO 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...
PT-2023-16944 · WordPress · Wp Meta Seo
Name of the Vulnerable Software and Affected Versions: WP Meta SEO WordPress plugin versions prior to 4.5.5 Description: The issue arises from the plugin not validating image file paths before attempting to manipulate the image files, leading to a PHAR deserialization vulnerability. Additionally,...
CVE-2022-31374
An arbitrary file upload vulnerability /images/background/1.php in of SolarView Compact 6.0 allows attackers to execute arbitrary code via a crafted php file...
CVE-2022-30804
elitecms v1.01 is vulnerable to Delete any file via /admin/deleteimage.php?file=...
GHSA-WCJ4-FF9M-5R7G ImpressCMS Path Traversal to Arbitrary File Delete
Absolute path traversal vulnerability in htdocs/libraries/image-editor/image-edit.php in ImpressCMS before 1.3.6 allows remote attackers to delete arbitrary files via a full pathname in the imagepath parameter in a cancel action...
CVE-2022-30367
Air Cargo Management System v1.0 is vulnerable to file deletion via /acms/classes/Master.php?f=deleteimg...