EUVD-2026-34136

A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability is due to insufficient validation of user-supplied input...

CVE-2026-44239

FreePBX is an open source IP PBX. Prior to 16.0.22 and 17.0.5, the Dashboard module's getcontent AJAX handler includes PHP files based on user-supplied input without path sanitization. The $REQUEST'rawname' parameter is concatenated into an include call with a .class.php suffix, allowing path...

WinMTR 安全漏洞

WinMTR is an open-source network diagnostic tool developed by WinMTR. Version 0.91 of WinMTR contains a security vulnerability, which stems from a buffer overflow. This vulnerability could allow attackers to cause the application to crash by sending malicious load files containing repeated...

CVE-2026-5595

The CVE-2026-5595 entry affects griptape-ai griptape 0.19.4, specifically the FileManagerTool functions load_files_from_disk, list_files_from_disk, save_content_to_file, and save_memory_artifacts_to_disk, with a path traversal flaw. The issue can be exploited remotely and the exploit has been pub...

EUVD-2023-2072

Malicious code in bioql PyPI...

PT-2025-32404 · Photodex · Proshow Producer

Name of the Vulnerable Software and Affected Versions: Photodex ProShow Producer version 5.0.3256 Description: Photodex ProShow Producer version 5.0.3256 contains a stack-based buffer overflow vulnerability in the handling of plugin load list files. When a specially crafted load file is placed in...

iTop 路径遍历漏洞

iTop is a platform that provides all the resources needed to optimize iTop. A security vulnerability exists in iTop versions 3.0.4 and 3.1.1 that stems from a flaw in the dashboard editor. An attacker exploiting this vulnerability could load multiple files and URLs, as well as expose the full pat...

Contao 代码注入漏洞

Contao is an open source content management system CMS developed using PHP. The system supports search engines, rights management, and CSS frameworks. Contao has a security vulnerability that can be exploited by an attacker to load PHP files by entering an insertion token in the Contao backend...

OWASP Xenotix XSS Exploit Framework v4.5

Version 4.5 Additions JavaScript Beautifier Pause and Resume support for Scan Jump to Payload Cookie Support for POST Request Cookie Support and Custom Headers for Header Scanner Added TRACE method Support Improved Interface Better Proxy Support WAF Fingerprinting Load Files Hash Calculator Hash...