Lucene search
K

11 matches found

Nuclei
Nuclei
added 13 hours ago30 views

Personal Weather Station Dashboard 12 - Directory Traversal

Personal Weather Station Dashboard 12lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/test.php, as demonstrated by reading the server's private SSL key in cleartext. id: CVE-2025-47423 info: name: Personal Weather...

5.8CVSS7.3AI score0.02114EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-13912

Malicious code in bioql PyPI...

5.8CVSS9AI score0.02114EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/09 12:28 a.m.15 views

CVE-2025-47423

Personal Weather Station Dashboard 12lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/test.php, as demonstrated by reading the server's private SSL key in cleartext...

5.8CVSS7.2AI score0.02114EPSS
Exploits1References1
NVD
NVD
added 2025/05/07 6:15 p.m.16 views

CVE-2025-47423

Personal Weather Station Dashboard 12lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/test.php, as demonstrated by reading the server's private SSL key in cleartext...

5.8CVSS0.02114EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.6 views

PT-2025-20287 · Unknown · Pws Personal Weather Station Dashboard

Name of the Vulnerable Software and Affected Versions: Personal Weather Station Dashboard version 12 lts Description: The issue allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to "/others/ test.php". This can be exploited to read...

5.8CVSS9.2AI score0.02114EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2025/05/07 12:0 a.m.9 views

CVE-2025-47423

Personal Weather Station Dashboard 12lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/test.php, as demonstrated by reading the server's private SSL key in cleartext...

5.8CVSS5.8AI score0.02114EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/05/07 12:0 a.m.16 views

CVE-2025-47423

Personal Weather Station Dashboard 12lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/test.php, as demonstrated by reading the server's private SSL key in cleartext...

5.8CVSS0.02114EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/05/07 12:0 a.m.12 views

Personal Weather Station Dashboard 安全漏洞

Personal Weather Station Dashboard PWSDashboard is a data-rich weather dashboard from the PWSDashboard open source. A security vulnerability exists in Personal Weather Station Dashboard, which stems from a directory traversal vulnerability in /test.php that could lead to reading arbitrary files...

5.8CVSS9AI score0.02114EPSS
Exploits1References3
CVE
CVE
added 2025/05/07 12:0 a.m.97 views

CVE-2025-47423

CVE-2025-47423 affects Personal Weather Station Dashboard (12_lts). A directory traversal fault in /others/_test.php (test parameter) allows unauthenticated remote readers to access arbitrary files, including server private keys. Root cause: insufficient sanitization of the test parameter enablin...

5.8CVSS5.8AI score0.02114EPSS
Exploits1References2
CVE
CVE
added 2023/04/25 12:0 a.m.46 views

CVE-2022-45291

CVE-2022-45291 affects the PWS Personal Weather Station Dashboard (PWS_Dashboard) LTS 2012_lts. The vulnerability enables remote code execution by injecting PHP into settings.php, with exploitation paths including PWS_printfile.php, PWS_frame_text.php, PWS_listfile.php, PWS_winter.php, and PWS_ea...

7.2CVSS7.5AI score0.01326EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2023/04/25 12:0 a.m.6 views

Personal Weather Station Dashboard 信任管理问题漏洞

Personal Weather Station Dashboard PWSDashboard is a data-rich weather dashboard from PWSDashboard open source. A security vulnerability exists in Personal Weather Station Dashboard. An attacker can exploit this vulnerability to execute remote code by injecting PHP code into settings.php...

7.2CVSS7.5AI score0.01326EPSS
Exploits1References4
Rows per page
Query Builder