6 matches found
CVE-2025-24470
An Improper Resolution of Path Equivalence vulnerability CWE-41 in FortiPortal 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.11 may allow a remote unauthenticated attacker to retrieve source code via crafted HTTP requests...
CVE-2025-24470
CVE-2025-24470 describes an Improper Resolution of Path Equivalence (CWE-41) in FortiPortal. The issue affects FortiPortal versions up to: 7.0.11, 7.2.0–7.2.6, and 7.4.0–7.4.2. An unauthenticated remote attacker can trigger the vulnerability by sending crafted HTTP requests and may retrieve sourc...
CVE-2025-24470
An Improper Resolution of Path Equivalence vulnerability CWE-41 in FortiPortal 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.11 may allow a remote unauthenticated attacker to retrieve source code via crafted HTTP requests...
CVE-2025-24470
An Improper Resolution of Path Equivalence vulnerability CWE-41 in FortiPortal 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.11 may allow a remote unauthenticated attacker to retrieve source code via crafted HTTP requests...
Torrential 1.2 Getdox.PHP Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15530/info Torrential is prone to a directory traversal vulnerability. This is due to a lack of proper sanitization of user-supplied input. An attacker can exploit this issue to retrieve arbitrary remote PHP code on an...
CVE-2005-1656
Mercur Messaging 2005 SP2 allows remote attackers to read the source code of .ctml files via a URL with a trailing hex-encoded space "%20"...