8 matches found
CVE-2026-47182
Frappe is a full-stack web application framework. Prior to version 16.17.4, any authenticated user can access private files by guessing the file path. This issue has been patched in version 16.17.4...
CVE-2026-47182 Frappe: Broken Access Control on Private Files
Frappe is a full-stack web application framework. Prior to version 16.17.4, any authenticated user can access private files by guessing the file path. This issue has been patched in version 16.17.4...
EUVD-2026-36495
Frappe is a full-stack web application framework. Prior to version 16.17.4, any authenticated user can access private files by guessing the file path. This issue has been patched in version 16.17.4...
CVE-2026-47182
Frappe (full‑stack web framework) contains a broken access control flaw in which any authenticated user could access private files by guessing the file path. Affected versions prior to 16.17.4 are vulnerable; the issue is fixed in 16.17.4. Practical impact is unauthorized access to private files,...
Exploit for CVE-2025-49113
VIETNAMESE - ✅ Tính năng: Hỗ trợ upload payload.p...
PT-2024-28459 · Entrust · Entrust Instant Financial Issuance
Name of the Vulnerable Software and Affected Versions: Entrust Instant Financial Issuance On Premise Software versions 6.10.0, 6.9.0, 6.9.1, 6.9.2, and 6.8.x and earlier Description: The issue concerns a configuration file, specifically WebAPI.cfg.xml, which is left behind after the installation...
Disclosure of arbitrary certificate files - ownCloud
The 'Import root certificate' ability that users are able to use once filesexternal is enabled allows users to import their own root certificates for connections. e.g. server-to-server shares to servers using a self-signed certificate or external storages The functionality was using the PHP OpenS...
Tongda OA Office System latest version of the file contains a vulnerability
Tongda OA office system 2015 office anywhere 2015 is a domestic office software. The latest version of Tongda OA Office System 2015 suffers from a file inclusion vulnerability that allows attackers to view leaked file information by guessing the file path...