6 matches found

Positive Technologies
added 2025/08/22 12:0 a.m. · 4 views

PT-2025-34345 · Uniong · Webitr

Name of the Vulnerable Software and Affected Versions: WebITR, affected versions not specified.
Description: WebITR developed by Uniong is susceptible to an Arbitrary File Reading issue. This allows remote attackers with regular privileges to exploit Absolute Path Traversal and download arbitrary...

7.1 CVSS · 7.1 AI score · 0.00094 EPSS
Exploits 0 · References 6
Cvelist
added 2025/07/18 9:9 a.m. · 5 views

CVE-2025-6233 Arbitrary file read by system admin via path traversal

Mattermost versions 10.8.x <= 10.8.1, 10.7.x <= 10.7.3, 10.5.x <= 10.5.7, 9.11.x <= 9.11.16 fail to sanitize input paths of file attachments in the bulk import JSONL file, which allows a system admin to read arbitrary system files via path traversal...

6.8 CVSS · 0.00398 EPSS
Exploits 0 · References 1
Hacker One
added 2025/06/27 9:42 a.m. · 16 views

curl: arbitrary file read via `file://` path traversal with `--path-as-is`

Summary: Using --path-as-is with a file:// URL skips normalization of .. segments, allowing reading of any local file the process can access.
Affected version: curl 8.15.0-DEV commit 2a9dfe275, June 27, 2025 on Kali Linux 2024.3, x86_64.
Steps To Reproduce: 1. build curl with debug and ASan: git clon...

6.6 AI score
Exploits 0
CVE
added 2025/06/09 3:56 p.m. · 55 views

CVE-2025-31050

CVE-2025-31050 pertains to the WordPress plugin Apptha Slider Gallery. Affected versions are listed as n/a through 2.5, with the underlying issue described as an improper limitation of a pathname to a restricted directory, i.e., a path traversal vulnerability. This allows an unauthenticated attac...

7.5 CVSS · 5.9 AI score · 0.00498 EPSS
Exploits 0 · References 1
RedhatCVE
added 2025/05/23 8:56 a.m. · 7 views

CVE-2024-47166

Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a one-level read path traversal in the /custom_component endpoint. Attackers can exploit this flaw to access and leak source code from custom Gradio components by manipulating the file path in the...

5.3 CVSS · 6.5 AI score · 0.00245 EPSS
Exploits 0 · References 1
Vulnrichment
added 2024/12/11 10:47 p.m. · 10 views

CVE-2024-55658 SiYuan has an arbitrary file read and path traversal via /api/export/exportResources

SiYuan is a personal knowledge management system. Prior to version 3.1.16, SiYuan's /api/export/exportResources endpoint is vulnerable to arbitrary file read via path traversal. It is possible to manipulate the paths parameter to access and download arbitrary files from the host system by traversi...

8.7 CVSS · 6.9 AI score · 0.00877 EPSS
Exploits 0 · References 2