Lucene search
K

12 matches found

Cvelist
Cvelist
added 2026/04/01 1:48 p.m.25 views

CVE-2026-5271 Possible to hijack modules in current working directory

pymanager included the current working directory in sys.path meaning modules could be shadowed by modules in the current working directory. As a result, if a user executes a pymanager-generated command e.g., pip, pytest from an attacker-controlled directory, a malicious module in that directory c...

5.6CVSS0.00173EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2010-2485

Malware in sbrugna...

9.8CVSS9.4AI score0.01725EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2024/01/11 3:18 p.m.18 views

cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration code

Impact What kind of vulnerability is it? Who is impacted? An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0 at and since 0.5.0, before 0.15.0. The vulnerability stems from a Python function,...

2.8CVSS6.5AI score0.0041EPSS
Exploits1References18Affected Software2
CNNVD
CNNVD
added 2023/12/18 12:0 a.m.4 views

WordPress Plugin SiteOrigin Widgets Bundle Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

7.2CVSS6.7AI score0.01034EPSS
Exploits2References2
OSV
OSV
added 2023/02/15 9:15 p.m.4 views

CVE-2023-22855

Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web interface listening on port 8088. A user-controllable path is handed to a path-concatenation method Path.Combine from .NET without proper sanitisation. This yields the possibility of including local files, as...

9.8CVSS6.2AI score0.14832EPSS
Exploits8References5
Prion
Prion
added 2022/11/29 9:15 p.m.13 views

Directory traversal

The Ultimate Member plugin for WordPress is vulnerable to directory traversal in versions up to, and including 2.5.0 due to insufficient input validation on the 'template' attribute used in shortcodes. This makes it possible for attackers with administrative privileges to supply arbitrary paths...

4CVSS5.4AI score0.02484EPSS
Exploits1References4Affected Software1
OpenVAS
OpenVAS
added 2015/03/13 12:0 a.m.18 views

Cisco ASA Local Path Inclusion Vulnerability (cisco-sa-20141008-asa)

A vulnerability in the function that exports environment variables of Cisco ASA Software could allow an authenticated, local attacker to inject a malicious library and take complete control of the system. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a...

6.8CVSS6.3AI score0.00395EPSS
Exploits0References1
Cisco
Cisco
added 2014/10/08 4:9 p.m.29 views

Cisco ASA Local Path Inclusion Vulnerability

A vulnerability in the function that exports environment variables of Cisco ASA Software could allow an authenticated, local attacker to inject a malicious library and take complete control of the system. The vulnerability is due to improper setting of the LDLIBRARYPATH environment. An attacker...

6.8CVSS6.2AI score0.00395EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

iManage CMS <= 4.0.12 (absolute_path) Remote File Inclusion

No description provided by source...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2013/12/10 12:0 a.m.26 views

Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities

Document Title: =============== Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1166 Release Date: ============= 2013-12-10 Vulnerability Laboratory ID VL-ID:...

0.2AI score
Exploits0
0day.today
0day.today
added 2011/11/26 12:0 a.m.18 views

KomaMail Local Path Inclusion

Exploit for php platform in category web applications Exploit Title: KomaMail Local Path Inclusion Date: 26/11/2011 Author: SnakingMax WebSite: snakingmax.blogspot.com Software Link: http://www.koma-code.de/ProgsZip/KomaMail.zip Version: 3.82 Category: Local Exploit Tested on: Windows XP SP3 0-Da...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/07/30 12:0 a.m.36 views

Mambo Component User Home Pages 0.5 - Remote File Inclusion

Mambo Component User Home Pages 0.5 - Remote File Inclusion Kurdish Security Freedom For Ocalan Contact : irc.gigachat.net kurdhack & www.PatrioticHackers.com Rish : High Class : Remote Script : User Home Pges Site : www.ravensportal.co.uk Thanx :...

0.1AI score
Exploits0
Rows per page
Query Builder