2 matches found
CVE-2025-55295
CVE-2025-55295 is a path traversal flaw in qBit Manage’s web API. Authenticated users can bypass directory restrictions via the backup_id parameter in the restore_config_from_backup endpoint, allowing reading of arbitrary server files. The issue affects qBit Manage prior to version 4.5.4. The fix...
CVE-2025-55295 qBit Manage Path Traversal Vulnerability
qBit Manage is a tool that helps manage tedious tasks in qBittorrent and automate them. A path traversal vulnerability exists in qbitmanage's web API that allows authenticated users to read arbitrary files from the server filesystem through the restoreconfigfrombackup endpoint. The vulnerability...