10 matches found
Meari com.meari.sdk security vulnerability
Meari com.meari.sdk is a development toolkit for IoT communication and device management software, developed by Meari Corporation in China. There is a security vulnerability in Meari com.meari.sdk, which stems from failed server-side authorization. This vulnerability could allow unauthorized...
PT-2025-23251 · WordPress · Ninja Forms +4
Name of the Vulnerable Software and Affected Versions: The Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms plugin for WordPress versions up to, and including, 1.4.4 Description: The issue allows unauthenticated attackers to retrieve the full path of the...
CVE-2024-13536
The 1003 Mortgage Application plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.87. This is due to the /inc/class/fnm/export.php file being publicly accessible with error logging enabled. This makes it possible for unauthenticated attackers to retriev...
CVE-2024-6562
CVE-2024-6562 concerns the affiliate-toolkit – WordPress Affiliate Plugin for WordPress. The vulnerability is a Full Path Disclosure present in all versions up to and including 3.5.5, caused by display_errors being set to true. This allows unauthenticated attackers to retrieve the full path of th...
CVE-2024-37032
Ollama before 0.1.34 does not validate the format of the digest sha256 with 64 hex digits when getting the model path, and thus mishandles the TestGetBlobsPath test cases such as fewer than 64 hex digits, more than 64 hex digits, or an initial ../ substring...
CVE-2023-0100
A flaw was found in Eclipse BIRT, where the default configuration allowed retrieval of a report from the same host using an absolute HTTP path for the report parameter, for example, report=http://xyz.com/report.rptdesign. The report would be retrieved if the host indicated in the report parameter...
PYSEC-2021-887
GattLib 0.3-rc1 has a stack-based buffer over-read in get_device_path_from_mac in dbus/gattlib.c...
Joomla! Component com_icagenda - 'id' Multiple Vulnerabilities
Souhail Hammou - Independent Security Researcher & Penetration Tester. Facebook: www.facebook.com/dark.puzzle.sec E-mail: [email protected] Greetings to all Moroccan researchers and white hats. ------------------------------------------------------------------------------ Exploit Title:...
Coppermine Photo Gallery 1.4.22 - SQL Injection
!/usr/bin/perl Coppermine Photo Gallery '; banner; $lwp-defaultheader'Accept-Language: en-us,en;q=0.5'; my $html = injrequest' WHERE x'; Wrong query to obtain an error ifnot defined $html print "- Request mistake. Exploit terminated!\n"; exit ; elsif$html = /There was an error while processing a...
A minor issue in IBM Net.Data (path retrieval)
Information about the physical location of files can be obtained...