2097 matches found
CVE-2025-13322
The WP AUDIO GALLERY plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in all versions up to, and including, 2.0. This is due to the wpaguploadaudiocallback AJAX handler not properly validating user-supplied file paths in the audioupload...
EUVD-2025-198519
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.5, macOS Sonoma 14.7.3. An app may be able to access sensitive user data...
CVE-2025-31248
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to access sensitive user data...
CVE-2025-31248
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.5, macOS Sonoma 14.7.3. An app may be able to access sensitive user data...
CVE-2025-31248
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.5, macOS Sonoma 14.7.3. An app may be able to access sensitive user data...
CVE-2025-31248
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to access sensitive user data...
CVE-2025-31248
CVE-2025-31248 involves a parsing issue in the handling of directory paths. The root cause is improper path validation, addressed by and fixed in macOS Ventura 13.7.3, macOS Sequoia 15.5, and macOS Sonoma 14.7.3. Impact per the sources: an app may be able to access sensitive user data due to the ...
EUVD-2025-198389
The WP AUDIO GALLERY plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in all versions up to, and including, 2.0. This is due to the wpaguploadaudiocallback AJAX handler not properly validating user-supplied file paths in the audioupload...
WordPress plugin WP AUDIO GALLERY 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-47703
Name of the Vulnerable Software and Affected Versions WP AUDIO GALLERY plugin for WordPress versions prior to 2.1 Description The WP AUDIO GALLERY plugin for WordPress is susceptible to arbitrary file deletion. This is caused by inadequate file path validation within the wpag uploadaudio callback...
BASIS BBj 安全漏洞
BASIS BBj is a language environment from BASIS, Inc. A security vulnerability exists in BASIS BBj versions prior to 25.00 that stems from not properly validating or normalizing input path segments, which could lead to a directory traversal attack...
aap-gateway: Improper Path Validation in Gateway Allows Credential Exfiltration
A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gatewaypath. A malicious or socially engineered administrator can configure a...
WordPress Data Tables Generator by Supsystic plugin Arbitrary File Deletion Vulnerability
WordPress Data Tables Generator by Supsystic plugin is WordPress plugin for creating interactive tables and charts that support data visualization and dynamic content presentation. WordPress Data Tables Generator by Supsystic plugin has an arbitrary file deletion vulnerability that stems from...
EUVD-2025-197809
PDFPatcher executable does not validate user-supplied file paths, allowing directory traversal attacks allowing attackers to upload arbitrary files to arbitrary locations...
CVE-2025-63918
PDFPatcher executable does not validate user-supplied file paths, allowing directory traversal attacks allowing attackers to upload arbitrary files to arbitrary locations...
CVE-2025-63918
CVE-2025-63918 affects the PDFPatcher executable. The root cause is insufficient validation of user-supplied file paths, enabling directory traversal attacks that allow attackers to upload arbitrary files to arbitrary locations. The entry notes a local attack vector with low complexity and high i...
PDFPatcher 安全漏洞
PDFPatcher is a PDF toolkit for WMJ individual developers. A security vulnerability exists in PDFPatcher that stems from insufficient file path validation and could lead to a directory traversal attack...
CVE-2025-12494
The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the ajaximportfile function in all versions up to, and including, 2.12.28. This makes it possible for authenticated attackers, with author-level...
CVE-2025-12494
The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the ajaximportfile function in all versions up to, and including, 2.12.28. This makes it possible for authenticated attackers, with author-level...
CVE-2025-12494
CVE-2025-12494 affects the WordPress plugin Image Gallery – Photo Grid & Video Gallery (modula-best-grid-gallery) up to version 2.12.28. The flaw arises from insufficient file path validation in the ajax_import_file function, allowing an authenticated attacker with author-level access (or higher)...