13 matches found
CVE-2026-45233
HTMLy CMS through 3.1.1 contains a path traversal vulnerability that allows low-privileged authenticated attackers to relocate arbitrary files by supplying directory traversal sequences in the oldfile parameter at the admin autosave endpoint. Attackers can pass unsanitized traversal sequences...
CVE-2026-45233 HTMLy CMS 3.1.1 Path Traversal via oldfile Parameter in Autosave
HTMLy CMS through 3.1.1 contains a path traversal vulnerability that allows low-privileged authenticated attackers to relocate arbitrary files by supplying directory traversal sequences in the oldfile parameter at the admin autosave endpoint. Attackers can pass unsanitized traversal sequences...
EUVD-2026-39459
HTMLy CMS through 3.1.1 contains a path traversal vulnerability that allows low-privileged authenticated attackers to relocate arbitrary files by supplying directory traversal sequences in the oldfile parameter at the admin autosave endpoint. Attackers can pass unsanitized traversal sequences...
CVE-2026-45233 HTMLy CMS 3.1.1 Path Traversal via oldfile Parameter in Autosave
HTMLy CMS through 3.1.1 contains a path traversal vulnerability that allows low-privileged authenticated attackers to relocate arbitrary files by supplying directory traversal sequences in the oldfile parameter at the admin autosave endpoint. Attackers can pass unsanitized traversal sequences...
CVE-2026-45233
The CVE details a path traversal in HTMLy CMS (up to version 3.1.1) where an authenticated, low-privilege user can relocate arbitrary files via the admin autosave endpoint. The root cause is unsanitized directory traversal sequences passed to file_exists() and rename() in admin.php without canoni...
CVE-2020-36893
Eibiz i-Media Server Digital Signage 3.8.0 contains a directory traversal vulnerability that allows unauthenticated remote attackers to access files outside the server's root directory. Attackers can exploit the 'oldfile' GET parameter to view sensitive configuration files like web.xml and system...
CVE-2020-36893
Eibiz i-Media Server Digital Signage 3.8.0 contains a directory traversal vulnerability that allows unauthenticated remote attackers to access files outside the server's root directory. Attackers can exploit the 'oldfile' GET parameter to view sensitive configuration files like web.xml and system...
CVE-2020-36893 Eibiz i-Media Server Digital Signage 3.8.0 Directory Traversal Vulnerability
Eibiz i-Media Server Digital Signage 3.8.0 contains a directory traversal vulnerability that allows unauthenticated remote attackers to access files outside the server's root directory. Attackers can exploit the 'oldfile' GET parameter to view sensitive configuration files like web.xml and system...
CVE-2020-36893
The CVE-2020-36893 entry concerns Eibiz i-Media Server Digital Signage 3.8.0, which contains a directory traversal vulnerability exploitable via the oldfile parameter. The issue allows unauthenticated remote attackers to read files outside the server root, including sensitive configuration files ...
Eibiz i-Media Server Digital Signage 路径遍历漏洞
Eibiz i-Media Server Digital Signage is a digital signage server from Eibiz Thailand. A path traversal vulnerability exists in Eibiz i-Media Server Digital Signage version 3.8.0, which stems from a directory traversal in the oldfile parameter, which could lead to file access...
PT-2025-50514
Eibiz i-Media Server Digital Signage 3.8.0 contains a directory traversal vulnerability that allows unauthenticated remote attackers to access files outside the server's root directory. Attackers can exploit the 'oldfile' GET parameter to view sensitive configuration files like web.xml and system...
CVE-2021-46062
MCMS v5.2.5 was discovered to contain an arbitrary file deletion vulnerability via the component oldFileName...
Eibiz i-Media Server Digital Signage 3.8.0 - Directory Traversal
Exploit Title: Eibiz i-Media Server Digital Signage 3.8.0 - Directory Traversal Date: 2020-08-22 Exploit Author: LiquidWorm Vendor Homepage: http://www.eibiz.co.th Affected version: =3.8.0 CVE: N/A Eibiz i-Media Server Digital Signage 3.8.0 oldfile File Path Traversal Vendor: EIBIZ Co.,Ltd. Produ...