EUVD-2024-55330

FoF Pretty Mail 1.1.2 contains a local file inclusion vulnerability that allows administrative users to include arbitrary server files in email templates. Attackers can exploit the template settings by inserting file inclusion payloads to read sensitive system files like /etc/passwd during email...

RaspAP security vulnerability

RaspAP is application software for simple wireless AP setup and management of Debian-based devices. A security vulnerability exists in RaspAP 3.0.9 and earlier versions, which stems from a vulnerability that allows remote attackers to read the /etc/passwd file via a crafted request...

CVE-2018-17785

In blynk-server in Blynk before 0.39.7, Directory Traversal exists via a ../ in a URI that has /static or /static/js at the beginning, as demonstrated by reading the /etc/passwd file...

CVE-2000-0271

In CVE-2000-0271, Emacs 20’s read-passwd and related Lisp functions do not properly clear the history of recently typed keys. This can allow an attacker to read unencrypted passwords stored in the command history. The issue is rooted in the Lisp password/history handling within Emacs 20. The prov...