NocoDB version <= 0.106.1 - Arbitrary File Read

NocoDB through 0.106.1 has a path traversal vulnerability that allows an unauthenticated attacker to access arbitrary files on the server by manipulating the path parameter of the /download route. This vulnerability could allow an attacker to access sensitive files and data on the server, includi...

Gitblit 1.9.3 - Local File Inclusion

Gitblit 1.9.3 is vulnerable to local file inclusion via /resources//../ e.g., followed by a WEB-INF or META-INF pathname. id: CVE-2022-31268 info: name: Gitblit 1.9.3 - Local File Inclusion author: 0xAkoko severity: high description: | Gitblit 1.9.3 is vulnerable to local file inclusion via...

Windmill/Nextcloud Flow < 1.603.3 - Unauthenticated Path Traversal

Windmill 1.603.3 contains a path traversal caused by unsanitized filename parameter in getlogfile endpoint, letting unauthenticated attackers read arbitrary files on the server, exploit requires no authentication. id: CVE-2026-29059 info: name: Windmill/Nextcloud Flow 1.603.3 - Unauthenticated Pa...

BEWARD N100 H.264 VGA IP Camera M2.1.6 - Arbitrary File Disclosure

Beward N100 H.264 VGA IP Camera M2.1.6 contains an authenticated file disclosure vulnerability caused by improper validation of the 'READ.filePath' parameter in fileread script and SendCGICMD API, letting authenticated attackers read arbitrary system files. id: CVE-2019-25246 info: name: BEWARD...

Ozeki 10 SMS Gateway 10.3.208 - Arbitrary File Read

An arbitrary file read vulnerability, also known as a "path traversal" or "directory traversal" vulnerability, occurs when an attacker is able to access files on a system that they shouldn't have access to. This vulnerability arises from improper input validation or insufficient access controls i...

WordPress Advanced Access Manager - Path Traversal

The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Read in versions up to, and including, 5.9.8.1 due to insufficient validation on the aam-media parameter. This allows unauthenticated attackers to read any file on the server, including sensitive file...

LOLLMS WebUI - Absolute Path Traversal

An absolute path traversal vulnerability exists in parisneo/lollms-webui v9.6, specifically in the openfile endpoint of lollmsadvanced.py. The sanitizepath function with allowabsolutepath=True allows an attacker to access arbitrary files and directories on a Windows system. This vulnerability can...

Spring Framework - Path Traversal

Spring Framework MVC applications deployed as WAR or with embedded Servlet containers that do not reject suspicious URI sequences and serve static resources with Spring resource handling contain a path traversal vulnerability, letting attackers access unauthorized files, exploit requires...

Vite - Path Traversal

Vite versions prior to 6.2.6, 6.1.5, 6.0.15, 5.4.18, and 4.5.13 contain a file exposure vulnerability caused by improper handling of request URLs with '' in the dev server running on Node or Bun, letting attackers access arbitrary files, exploit requires the server to be exposed to the network an...

WordPress OrderConvo < 14 - Path Traversal

WooCommerce OrderConvo WordPress plugin \u003C 14 contains a path traversal vulnerability caused by improper validation of file download paths, letting unauthenticated attackers read or download arbitrary files remotely id: CVE-2025-10162 info: name: WordPress OrderConvo 14 - Path Traversal autho...

Symfony HttpFoundation - Access Control Bypass via PATH_INFO

Symfony HttpFoundation component = 2.0.0 and prior to versions 5.4.50, 6.4.29, and 7.3.7 contains an access control bypass vulnerability. The Request class improperly interprets some PATHINFO values, producing URL paths without a leading /. This allows bypassing access control rules that are buil...

ionCube Tester Plus <= 1.3 - Local File Inclusion

The ionCube Tester Plus plugin for WordPress versions = 1.3 is vulnerable to unauthenticated arbitrary file read via path traversal. The 'ininame' parameter in loader-wizard.php is not properly sanitized, allowing attackers to read sensitive files such as wp-config.php and /etc/passwd without...

pgAdmin < 6.17 - Unauthenticated Remote Code Execution

pgAdmin prior to 6.17 contains an insecure HTTP API caused by improper access control, letting unauthenticated users execute arbitrary external utilities via path manipulation, exploit requires no authentication. id: CVE-2022-4223 info: name: pgAdmin 6.17 - Unauthenticated Remote Code Execution...

Campaign Monitor for WordPress - Information Disclosure

Campaign Monitor for WordPress plugin for WordPress versions up to 2.8.15 contains a full path disclosure caused by improper access restriction and enabled displayerrors in /forms/views/admin/create.php, letting unauthenticated attackers retrieve server paths, exploit requires displayerrors to be...

Blinko <= 1.8.3 - Path Traversal via /plugins

Blinko = 1.8.3 contains a path traversal caused by improper path concatenation without verification in the plugin file server endpoint, letting remote attackers access arbitrary files, exploit requires network access. id: CVE-2026-23483 info: name: Blinko = 1.8.3 - Path Traversal via /plugins...

Flowise 1.4.3 - Arbitrary File Read

Flowise 1.4.3 contains a path traversal caused by lack of sanitization of 'fileName' parameter in /api/v1/openai-assistants-file endpoint in index.ts, letting attackers read arbitrary files, exploit requires attacker to send crafted request. id: CVE-2024-36420 info: name: Flowise 1.4.3 - Arbitrar...

LoLLMS WebUI < 9.8 - Path Traversal

parisneo/lollms-webui contains a path traversal caused by improper handling of 'category' parameter in /listpersonalities endpoint, letting attackers list arbitrary directories, exploit requires control over 'category' parameter. id: CVE-2024-4322 info: name: LoLLMS WebUI 9.8 - Path Traversal...

Yonyou YonBIP - Path Traversal

Yonyou YonBIP v3 and before contains a path traversal caused by improper validation in the LoginWithV8 interface of the series data application service system, letting unauthorized attackers access sensitive information. id: CVE-2025-66744 info: name: Yonyou YonBIP - Path Traversal author:...

CAREL Boss Mini <= 1.4.0 - Local File Inclusion

Boss Mini 1.4.0 Build 6221 contains a file inclusion caused by manipulation of the 'path' argument in boss/servlet/document, letting remote attackers include arbitrary files, exploit requires remote access. id: CVE-2023-3643 info: name: CAREL Boss Mini = 1.4.0 - Local File Inclusion author:...

WordPress Backup Migration <= 1.3.6 - Path Traversal

WordPress Backup Migration plugin versions up to 1.3.6 contain a path traversal and file validation issue in handledownloading function, letting unauthenticated attackers download backup files containing sensitive information. id: CVE-2023-6266 info: name: WordPress Backup Migration = 1.3.6 - Pat...