3 matches found
CVE-2025-32943
Summary (peer-reviewed sources confirm): CVE-2025-32943 affects PeerTube’s HLS endpoint, where a path traversal flaw allows any authenticated user to leak contents of arbitrary ".m3u8" files from the server. The vulnerability is rooted in improper input handling on the HLS path, enabling access t...
CVE-2024-45816
In Backstage, the vulnerability CVE-2024-45816 affects the techdocs-backend plugin when using AWS S3 or GCS storage providers. The root cause is directory traversal through TechDocs storage access, allowing an attacker to read content across the entire storage bucket and bypass Backstage permissi...
CVE-2018-19968
An attacker can exploit phpMyAdmin before 4.8.4 to leak the contents of a local file because of an error in the transformation feature. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any database to which the attacker has...