
8 matches found

Cvelist
added 2026/06/09 11:48 a.m. · 24 views

CVE-2017-20248 WordPress Plugin Apptha Slider Gallery 1.0 Path Traversal File Download

Apptha Slider Gallery 1.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary files by manipulating the imgname parameter. Attackers can send requests to asgallDownload.php with directory traversal sequences ../ to access sensitive files outside the...

CVSS 8.7 · EPSS 0.00641
Exploits: 0 · References: 3

CNNVD
added 2026/06/09 12:0 a.m. · 5 views

Apptha Slider Gallery Path Traversal Vulnerability

Apptha Slider Gallery is a website image carousel and gallery display plugin provided by Apptha Corporation. Version 1.0 of Apptha Slider Gallery contains a path traversal vulnerability. This vulnerability stems from improper handling of the imgname parameter, which may allow unauthenticated...

CVSS 8.7 · AI score 5.5 · EPSS 0.00641
Exploits: 0 · References: 1

OSV
added 2025/02/16 4:15 a.m. · 4 views

CVE-2025-1335

A vulnerability, which was classified as problematic, was found in CmsEasy 7.7.7.9. Affected is the function deleteimgaction in the library lib/admin/fileadmin.php. The manipulation of the argument imgname leads to path traversal. It is possible to launch the attack remotely. The exploit has been...

CVSS 8.1 · AI score 5.1 · EPSS 0.00866
Exploits: 1 · References: 4

CNNVD
added 2025/02/16 12:0 a.m. · 2 views

CmsEasy Path Traversal Vulnerability

CmsEasy is a content management system CMS for creating responsive websites from China's CmsEasy company. A path traversal vulnerability exists in CmsEasy version 7.7.7.9, which stems from the parameter imgname of the function deleteimgaction that causes path traversal...

CVSS 8.1 · AI score 4.9 · EPSS 0.00951
Exploits: 1 · References: 5

Positive Technologies
added 2025/02/16 12:0 a.m. · 4 views

PT-2025-6878 · Cmseasy · Cmseasy

Name of the Vulnerable Software and Affected Versions: CmsEasy version 7.7.7.9 Description: A vulnerability was found in the function deleteimg action in the library lib/admin/file admin.php. The manipulation of the argument imgname leads to path traversal. It is possible to launch the attack...

CVSS 8.1 · AI score 4.9 · EPSS 0.00866
Exploits: 1 · References: 11

Positive Technologies
added 2025/02/16 12:0 a.m. · 5 views

PT-2025-6879 · Cmseasy · Cmseasy

Name of the Vulnerable Software and Affected Versions: CmsEasy version 7.7.7.9 Description: A vulnerability has been found in the function deleteimg action in the library lib/admin/image admin.php. The manipulation of the argument imgname leads to path traversal. The attack can be launched...

CVSS 8.1 · AI score 4.9 · EPSS 0.00951
Exploits: 1 · References: 10

OSV
added 2020/03/12 2:15 p.m. · 3 views

CVE-2020-10457

Path Traversal in admin/imagepaster/image-renaming.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to rename any file on the webserver using a dot-dot-slash sequence ../ via the POST parameter imgName for the new name and imgUrl for the current file to be renamed...

CVSS 2.7 · AI score 5.8 · EPSS 0.01084
Exploits: 1 · References: 2

seebug.org
added 2014/07/01 12:0 a.m. · 14 views

WordPress Photoracer plugin <= 1.0 - SQL Injection Vulnerability

No description provided by source. Exploit Title: WordPress Photoracer plugin = 1.0 SQL Injection Vulnerability Google Dork: inurl:wp-content/plugins/photoracer/viewimg.php Date: 2011-08-26 Author: evilsocket evilsocket at gmail dot com Software Link: http://wordpress.org/extend/plugins/photorace...

AI score 7.1
Exploits: 0