6 matches found
CVE-2025-24470
An Improper Resolution of Path Equivalence vulnerability CWE-41 in FortiPortal 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.11 may allow a remote unauthenticated attacker to retrieve source code via crafted HTTP requests...
CVE-2025-24470
An Improper Resolution of Path Equivalence vulnerability CWE-41 in FortiPortal 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.11 may allow a remote unauthenticated attacker to retrieve source code via crafted HTTP requests...
CVE-2025-24470
An Improper Resolution of Path Equivalence vulnerability CWE-41 in FortiPortal 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.11 may allow a remote unauthenticated attacker to retrieve source code via crafted HTTP requests...
CVE-2025-24470
CVE-2025-24470 describes an Improper Resolution of Path Equivalence (CWE-41) in FortiPortal. The issue affects FortiPortal versions up to: 7.0.11, 7.2.0–7.2.6, and 7.4.0–7.4.2. An unauthenticated remote attacker can trigger the vulnerability by sending crafted HTTP requests and may retrieve sourc...
Torrential 1.2 Getdox.PHP Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15530/info Torrential is prone to a directory traversal vulnerability. This is due to a lack of proper sanitization of user-supplied input. An attacker can exploit this issue to retrieve arbitrary remote PHP code on an...
CVE-2005-1656
Mercur Messaging 2005 SP2 allows remote attackers to read the source code of .ctml files via a URL with a trailing hex-encoded space "%20"...