11 matches found
Personal Weather Station Dashboard 12 - Directory Traversal
Personal Weather Station Dashboard 12lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/test.php, as demonstrated by reading the server's private SSL key in cleartext. id: CVE-2025-47423 info: name: Personal Weather...
EUVD-2025-13912
Malicious code in bioql PyPI...
CVE-2025-47423
Personal Weather Station Dashboard 12lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/test.php, as demonstrated by reading the server's private SSL key in cleartext...
CVE-2025-47423
Personal Weather Station Dashboard 12lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/test.php, as demonstrated by reading the server's private SSL key in cleartext...
PT-2025-20287 · Unknown · Pws Personal Weather Station Dashboard
Name of the Vulnerable Software and Affected Versions: Personal Weather Station Dashboard version 12 lts Description: The issue allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to "/others/ test.php". This can be exploited to read...
CVE-2025-47423
CVE-2025-47423 affects Personal Weather Station Dashboard (12_lts). A directory traversal fault in /others/_test.php (test parameter) allows unauthenticated remote readers to access arbitrary files, including server private keys. Root cause: insufficient sanitization of the test parameter enablin...
CVE-2025-47423
Personal Weather Station Dashboard 12lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/test.php, as demonstrated by reading the server's private SSL key in cleartext...
CVE-2025-47423
Personal Weather Station Dashboard 12lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/test.php, as demonstrated by reading the server's private SSL key in cleartext...
Personal Weather Station Dashboard 安全漏洞
Personal Weather Station Dashboard PWSDashboard is a data-rich weather dashboard from the PWSDashboard open source. A security vulnerability exists in Personal Weather Station Dashboard, which stems from a directory traversal vulnerability in /test.php that could lead to reading arbitrary files...
CVE-2022-45291
CVE-2022-45291 affects the PWS Personal Weather Station Dashboard (PWS_Dashboard) LTS 2012_lts. The vulnerability enables remote code execution by injecting PHP into settings.php, with exploitation paths including PWS_printfile.php, PWS_frame_text.php, PWS_listfile.php, PWS_winter.php, and PWS_ea...
Personal Weather Station Dashboard 信任管理问题漏洞
Personal Weather Station Dashboard PWSDashboard is a data-rich weather dashboard from PWSDashboard open source. A security vulnerability exists in Personal Weather Station Dashboard. An attacker can exploit this vulnerability to execute remote code by injecting PHP code into settings.php...