3 matches found
CVE-2025-48604
In multiple locations, there is a possible way to read files from another user due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48604
In multiple locations, there is a possible way to read files from another user due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
ZendTo 路径遍历漏洞
ZendTo is a Web-based file transfer system from ZendTo, a UK-based company. A security vulnerability exists in ZendTo versions 6.15-7 and earlier, which stems from a path traversal in the file drop feature that could lead to retrieval of other user files or host system files, or cause a denial of...