1590 matches found
CVE-2026-33581
OpenClaw before 2026.3.24 contains a sandbox bypass vulnerability in the message tool that allows attackers to read arbitrary local files by using mediaUrl and fileUrl alias parameters that bypass localRoots validation. Remote attackers can exploit this by routing file requests through unvalidate...
CVE-2021-27193
Incorrect default permissions vulnerability in the API of Netop Vision Pro up to and including 9.7.1 allows a remote unauthenticated attacker to read and write files on the remote machine with system privileges resulting in a privilege escalation...
Directory Traversal
Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Directory Traversal via improper validation of file URLs and UNC-style paths in the media loading process. An attacker can cause network-hosted files to be treated as local content by...
Sonarr Path Traversal Vulnerability
Sonarr is a software developed by Sonarr Corporation that helps with finding, downloading, and organizing television programs. Versions of Sonarr prior to 4.0.17.2950 contained a path traversal vulnerability. This vulnerability stemmed from the API not restricting file access to specific...
TinaCMS Security Vulnerability
TinaCMS is an open-source headless CMS for Markdown, MDX, and JSON developed by Tina. Versions of TinaCMS prior to 2.1.8 contained security vulnerabilities. These vulnerabilities stemmed from the TinaCMS CLI development server having a lax CORS policy configured. Combined with path traversal...
PT-2026-23475
Name of the Vulnerable Software and Affected Versions: OpenMQ (affected versions not specified). Description: An unsafe parsing of OpenMQ’s configuration allows a remote attacker to read arbitrary files from a MQ Broker’s server. Full exploitation could lead to reading unauthorized files from the Open...
CVE-2026-26222
Altec DocLink (now maintained by Beyond Limits Inc.) version 4.0.336.0 exposes insecure .NET Remoting endpoints over TCP and HTTP/SOAP via Altec.RDCHostService.exe using the ObjectURI "doclinkServer.soap". The service does not require authentication and is vulnerable to unsafe object unmarshalling,...
Beyond Limits DocLink Code Issue Vulnerability
Beyond Limits DocLink is a document management and process automation software developed by the American company Beyond Limits. Version 4.0.336.0 of Beyond Limits DocLink contains a code vulnerability. This vulnerability stems from an insecure .NET Remoting endpoint that lacks authentication and h...
FLIR Systems AX8 Cameras Path Traversal (CVE-2023-51127)
FLIR AX8 thermal sensor cameras up to and including 1.46.16 are vulnerable to Directory Traversal due to improper access restriction. This vulnerability allows an unauthenticated, remote attacker to obtain arbitrary sensitive file contents by uploading a specially crafted symbolic link file. NOTE...
CVE-2019-25352
Crystal Live HTTP Server 6.01 contains a directory traversal vulnerability that allows remote attackers to access system files by manipulating URL path segments. Attackers can use multiple '../' sequences to navigate outside the web root and retrieve sensitive configuration files like Windows...
PT-2026-4564
C++ HTTP Server is an HTTP/1.1 server built to handle client connections and serve HTTP requests. Versions 1.0 and below are vulnerable to Path Traversal via the RequestHandler::handleRequest method. This flaw allows an unauthenticated, remote attacker to read arbitrary files from the server's...
CVE-2021-47850 Mini Mouse 9.2.0 - Path Traversal
Mini Mouse 9.2.0 contains a path traversal vulnerability that allows remote attackers to access arbitrary system files and directories through crafted HTTP requests. Attackers can retrieve sensitive files like win.ini and list contents of system directories such as C:\Users\Public by manipulating...
EUVD-2026-2714
Entrust Instant Financial Issuance (IFI) On Premise software (formerly referred to as CardWizard) versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the SmartCardController service (DCG.SmartCardControllerService.exe). The service registers a TCP remoting...
CVE-2014-4941
Absolute path traversal vulnerability in the Cross-RSS (wp-cross-rss) plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a full pathname in the rss parameter to proxy.php...
CVE-2014-4937
Directory traversal vulnerability in includes/bookxexport.php in the BookX plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter...
CVE-2005-1571
Multiple directory traversal vulnerabilities in ShowOff! 1.5.4 allow remote attackers to read arbitrary files via ".." sequences in arguments to the (1) ShowAlbum, (2) ShowVideo, or (3) ShowGraphic scripts...
CVE-2023-40747
Directory traversal vulnerability exists in A.K.I Software's PMailServer/PMailServer2 products' CGIs included in Internal Simple Webserver. If this vulnerability is exploited, a remote attacker may access arbitrary files outside DocumentRoot...
CVE-2010-0676
Directory traversal vulnerability in index.php in the RWCards (com_rwcards) component 3.0.18 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter...
CVE-2001-1510
Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL...
CVE-2021-33564
An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby allows remote attackers to read and write to arbitrary files via a crafted URL when the verifyurl option is disabled. This may lead to code execution. The problem occurs because the generate and process features...