CVE-2025-22369 Mennekes smart/premium charges systems, Arbitrary file download using ReadFile endpoint

The ReadFile endpoint of the firmware for Mennekes Smart / Premium Chargingpoints can be abused to read arbitrary files from the underlying OS...

CVE-2025-22369

The CVE-2025-22369 vulnerability affects Mennekes Smart/Premium charging points firmware. The ReadFile endpoint can be abused to read arbitrary files from the underlying OS, with impact on confidentiality described as HIGH. Affected versions are firmware prior to 2.15; a fixed release 2.15 exists...

WordPress plugin WPLMS Learning Management System 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

CVE-2024-51998 Path traversal using file URI scheme without supplying hostname in changedetection.io

changedetection.io is a free open source web page change detection tool. The validation for the file URI scheme falls short, and results in an attacker being able to read any file on the system. This issue only affects instances with a webdriver enabled, and ALLOWFILEURI false or not defined. The...

PT-2024-40610 · Assimp · Assimp

Name of the Vulnerable Software and Affected Versions: Assimp affected versions not specified Description: The issue is related to a crash in the Assimp library, specifically in the InternReadFile function of the NDOImporter class, which is called by BaseImporter::ReadFile and Importer::ReadFile...

CVE-2024-34523

AChecker 1.5 allows remote attackers to read the contents of arbitrary files via the download.php path parameter by using Unauthenticated Path Traversal. This occurs through readfile in PHP. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2024-34523

AChecker 1.5 allows remote attackers to read the contents of arbitrary files via the download.php path parameter by using Unauthenticated Path Traversal. This occurs through readfile in PHP. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2024-34523

AChecker 1.5 allows remote attackers to read the contents of arbitrary files via the download.php path parameter by using Unauthenticated Path Traversal. This occurs through readfile in PHP. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

PT-2023-35821 · Assimp · Assimp

Name of the Vulnerable Software and Affected Versions: Assimp affected versions not specified Description: The issue is related to a crash caused by a bad-cast in the Assimp library. Specifically, it occurs when attempting to cast to Assimp::BaseImporter from an invalid vptr. This happens in the...

GDidees CMS 3.9.1 - Local File Disclosure Vulnerability

Exploit Title: GDidees CMS 3.9.1 - Local File Disclosure Exploit Author : Hadi Mene Vendor Homepage : https://www.gdidees.eu/ Software Link : https://www.gdidees.eu/cms-1-0.html Version : 3.9.1 and earlier Tested on : Debian 11 CVE : CVE-2023-27179 Summary: GDidees CMS v3.9.1 and lower versions w...

SUSE CVE-2007-3007

PHP 5 before 5.2.3 does not enforce the openbasedir or safemode restriction in certain cases, which allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. NOTE: this issue might also involve the realpath function...

CVE-2022-28195

NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4readfile function, where insufficient validation of untrusted data may allow a highly privileged local attacker to cause a integer overflow, which may lead to code execution, escalation of privileges, limited denial of...

CVE-2022-1390

The Admin Word Count Column WordPress plugin through 2.2 does not validate the path parameter given to readfile, which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a...

CVE-2022-1390

The Admin Word Count Column WordPress plugin through 2.2 does not validate the path parameter given to readfile, which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a...

Deserialization of untrusted data

The Admin Word Count Column WordPress plugin through 2.2 does not validate the path parameter given to readfile, which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a...

WordPress plugin Admin Word Count Column路径遍历漏洞

WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plug-in. PHP is a scripting language that executes on the server side. WordPress plugin Admin An arbitrary file reading vulnerability exists in Word Count Column 2.2 and earlier versions, which...

Heap-based Buffer Overflow in vim/vim

Description Heap-buffer-overflow in vim Proof of Concept ./vim -u NONE -X -Z -e -s -S poc3 -c :qa! POC3 is here. Bt ==728741==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x621000025500 at pc 0x0000008961b2 bp 0x7ffca76ad0b0 sp 0x7ffca76ad0a8 READ of size 1 at 0x621000025500 thread T0...

CVE-2021-21905

Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is used by a secondary GUI client, called “CMA...

CVE-2021-21905

Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is used by a secondary GUI client, called “CMA...

CVE-2021-21906

Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is used by a secondary GUI client, called “CMA...