
38 matches found

NVD
added 2026/04/27 3:16 p.m. · 0 views

CVE-2026-7132

A vulnerability was found in code-projects Online Lot Reservation System up to 1.0. This affects the function readfile of the file /download.php. The manipulation of the argument File results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and cou...

6.9 CVSS · 0.00062 EPSS
Exploits 0 · References 5
ATTACKERKB
added 2026/04/27 2:30 p.m. · 2 views

CVE-2026-7132

A vulnerability was found in code-projects Online Lot Reservation System up to 1.0. This affects the function readfile of the file /download.php. The manipulation of the argument File results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and cou...

6.9 CVSS · 5.2 AI score · 0.00062 EPSS
Exploits 0 · References 5 · Affected Software 1
RedhatCVE
added 2026/01/09 8:38 a.m. · 1 views

CVE-2017-20212

FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains an information disclosure vulnerability that allows unauthenticated attackers to read arbitrary files through unverified input parameters. Attackers can exploit the /var/www/data/controllers/api/xml.php readFile function to access...

8.7 CVSS · 6.2 AI score · 0.00354 EPSS
Exploits 1 · References 1
Positive Technologies
added 2026/01/08 12:0 a.m. · 2 views

PT-2026-1666

Name of the Vulnerable Software and Affected Versions FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 Description The software contains an information disclosure issue that allows unauthenticated attackers to read arbitrary files through unverified input parameters. Attackers can exploit...

8.7 CVSS · 6 AI score · 0.00354 EPSS
Exploits 1 · References 7
CVE
added 2026/01/07 11:9 p.m. · 7 views

CVE-2017-20212

The CVE-2017-20212 entry concerns FLIR Thermal Camera F/FC/PT/D firmware 8.0.0.64. Affected component: the web application path /var/www/data/controllers/api/xml.php, where readFile() reads local files without authentication. Root cause: unverified input parameters allow information disclosure. I...

8.7 CVSS · 5.9 AI score · 0.00354 EPSS
Exploits 1 · References 5
Vulnrichment
added 2026/01/07 11:9 p.m. · 1 views

CVE-2017-20212 FLIR Thermal Camera F/FC/PT/D 8.0.0.64 Information Disclosure via File Reading

FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains an information disclosure vulnerability that allows unauthenticated attackers to read arbitrary files through unverified input parameters. Attackers can exploit the /var/www/data/controllers/api/xml.php readFile function to access...

8.7 CVSS · 5.9 AI score · 0.00354 EPSS
Exploits 1 · References 5
EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2021-9076

Malicious code in bioql PyPI...

8.5 CVSS · 7.7 AI score · 0.00381 EPSS
Exploits 1 · References 1
CNVD
added 2025/08/18 12:0 a.m. · 3 views

Bottinelli Informatical Vedo Suite File Inclusion Vulnerability

Bottinelli Informatical Vedo Suite is an enterprise software suite for the textile and design industry from Bottinelli Informatica, Italy. A file inclusion vulnerability exists in Bottinelli Informatical Vedo Suite, which stems from an uncleaned readfile function call that can be exploited by an...

6.5 CVSS · 6.9 AI score · 0.00233 EPSS
Exploits 2 · References 1
RedhatCVE
added 2025/05/22 9:31 p.m. · 3 views

CVE-2021-21905

Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is used by a secondary GUI client, called “CMA...

8.5 CVSS · 7.3 AI score · 0.00381 EPSS
Exploits 1 · References 1
RedhatCVE
added 2025/05/21 7:35 p.m. · 9 views

CVE-2005-0596

PHP 4 PHP4 allows attackers to cause a denial of service daemon crash by using the readfile function on a file whose size is a multiple of the page size...

2.1 CVSS · 6.8 AI score · 0.00066 EPSS
Exploits 0 · References 1
RedhatCVE
added 2025/03/30 5:48 p.m. · 12 views

CVE-2025-2917

A vulnerability, which was classified as problematic, was found in ChestnutCMS up to 1.5.3. Affected is the function readFile of the file /dev-api/cms/file/read. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The exploit has been...

7.5 CVSS · 7.2 AI score · 0.00399 EPSS
Exploits 1 · References 1
CVE
added 2025/03/28 5:31 p.m. · 99 views

CVE-2025-2917

ChestnutCMS up to version 1.5.3 is affected by a path traversal vulnerability in the readFile function at /dev-api/cms/file/read. By manipulating the filePath argument, an attacker can traverse directories and potentially access sensitive files. The issue is exploitable remotely, and public explo...

7.5 CVSS · 7.2 AI score · 0.00399 EPSS
Exploits 1 · References 5 · Affected Software 1
CNNVD
added 2025/03/28 12:0 a.m. · 1 views

ChestnutCMS Path Traversal Vulnerability

ChestnutCMS is a front-end and back-end separated enterprise-level content management system by liweiyi individual developer. A path traversal vulnerability exists in ChestnutCMS 1.5.3 and earlier versions, which originates from a path traversal in the readFile function and may be exploited...

7.5 CVSS · 4.9 AI score · 0.00399 EPSS
Exploits 1 · References 6
CNNVD
added 2024/11/09 12:0 a.m. · 4 views

WordPress plugin WPLMS Learning Management System Path Traversal Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A path traversal...

9.8 CVSS · 9.1 AI score · 0.48485 EPSS
Exploits 2 · References 2
Positive Technologies
added 2023/05/09 12:0 a.m. · 1 views

PT-2023-35821 · Assimp · Assimp

Name of the Vulnerable Software and Affected Versions: Assimp affected versions not specified Description: The issue is related to a crash caused by a bad-cast in the Assimp library. Specifically, it occurs when attempting to cast to Assimp::BaseImporter from an invalid vptr. This happens in the...

6.8 AI score
Exploits 0 · References 2
OSV
added 2021/12/22 7:15 p.m. · 1 views

CVE-2021-21905

Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is used by a secondary GUI client, called “CMA...

7.2 CVSS · 7.6 AI score
Exploits 0 · References 1
NVD
added 2021/12/22 7:15 p.m. · 8 views

CVE-2021-21905

Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is used by a secondary GUI client, called “CMA...

8.5 CVSS · 0.00381 EPSS
Exploits 1 · References 1
RedhatCVE
added 2015/10/30 9:27 a.m. · 14 views

CVE-2007-1710

The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent attackers to bypass safemode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a filename preceded a "php://../../" sequence...

4.3 CVSS · 7.2 AI score · 0.00139 EPSS
Exploits 0 · References 2
Prion
added 2014/03/11 7:37 p.m. · 19 views

Stack overflow

Stack-based buffer overflow in the ReadFile function in fltBMP.dll in Chasys Draw IES before 4.11.02 allows remote attackers to execute arbitrary code via crafted biPlanes and biBitCount fields in a BMP file...

9.3 CVSS · 8.7 AI score · 0.76112 EPSS
Exploits 5 · References 8 · Affected Software 1
CVE
added 2014/03/11 3:0 p.m. · 51 views

CVE-2013-3928

CVE-2013-3928 : A stack-based buffer overflow exists in the ReadFile function of flt_BMP.dll used by Chasys Draw IES (BMP parsing). The flaw allows remote attackers to trigger arbitrary code execution by supplying a specially crafted BMP file (affecting versions prior to 4.11.02). Confirmed affec...

9.3 CVSS · 8.2 AI score · 0.76112 EPSS
Exploits 5 · References 8 · Affected Software 1