33 matches found
Hardened Repository error: "veeam-grp-backup group has no rights on the backup folder"
Challenge When editing the properties of a Hardened Repository that has been upgraded to Veeam Hardened Repository version 13 for Veeam Backup & Replication 13 using the Veeam Infrastructure Appliance ISO, and was originally created using the Veeam Hardened Repository ISO version 2.0 for Veeam...
EUVD-2002-1168
Malware in sbrugna...
FreeScout Security Bypass Vulnerability (CNVD-2025-20796)
FreeScout is an ultra-lightweight free open source helpdesk and shared inbox built using PHP Laravel framework by FreeScout. FreeScout suffers from a security bypass vulnerability that is caused by incorrect configuration of the root folder of the object Storage. An attacker could exploit the...
CVE-2024-5735
Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before 5.0...
CVE-2024-5735 Full Path Disclosure in AdmirorFrames Joomla! Extension
Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before 5.0...
CVE-2024-5735 Full Path Disclosure in AdmirorFrames Joomla! Extension
Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before 5.0...
lollms vulnerable to path traversal due to unauthenticated root folder settings change
A path traversal vulnerability exists in the XTTS server included in the lollms package, version v9.6. This vulnerability arises from the ability to perform an unauthenticated root folder settings change. Although the read file endpoint is protected against path traversals, this protection can be...
GHSA-9CHM-M6X2-6FVC lollms vulnerable to path traversal due to unauthenticated root folder settings change
A path traversal vulnerability exists in the XTTS server included in the lollms package, version v9.6. This vulnerability arises from the ability to perform an unauthenticated root folder settings change. Although the read file endpoint is protected against path traversals, this protection can be...
CVE-2024-6085
A path traversal vulnerability exists in the XTTS server included in the lollms package, version v9.6. This vulnerability arises from the ability to perform an unauthenticated root folder settings change. Although the read file endpoint is protected against path traversals, this protection can be...
General Electric Healthcare Ultrasound 路径遍历漏洞
GE General Electric Healthcare Ultrasound is a medical sonic detection device from General Electric GE. A path traversal vulnerability exists in General Electric Healthcare Ultrasound. An attacker could exploit this vulnerability to access files and directories stored outside of the web root fold...
in bookstackapp/bookstack
Description The dompdf chroot option in Bookstack App is set to basepath, which is the Laravel root folder /var/www/bookstack. An attacker can hence load any image file in the Laravel folder /var/www/bookstack or its subdirectories via PDF exports. Proof of Concept 1: Place an image file in...
WordPress Media File Organizer plugin directory traversal vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A directory traversal vulnerability exists in version 1.0.1 of the Media File Organizer plugin for...
CVE-2020-24143
Directory traversal in the Video Downloader for TikTok aka downloader-tiktok plugin 1.3 for WordPress lets an attacker get access to files that are stored outside the web root folder via the njt-tk-download-video parameter...
CVE-2020-24144
Directory traversal in the Media File Organizer aka media-file-organizer plugin 1.0.1 for WordPress lets an attacker get access to files that are stored outside the web root folder via the items parameter in a move operation...
GHSA-8HQ2-FCQM-39HQ Malicious Package in rimrafall
Version 1.0.0 of rimrafall contains malicious code as a preinstall script. The package attempts to remove all files in the system's root folder. Recommendation If you installed this package it is likely your machine was erased. If not, remove the package from your system and verify if any files...
SmarterMail 16 - Arbitrary File Upload Exploit
Exploit for multiple platform in category web applications Exploit Title: SmarterMail 16 - Arbitrary File Upload Google Dork: inurl:/interface/root Exploit Author: vvhack.org Vendor Homepage: https://www.smartertools.com Software Link: https://www.smartertools.com Version: 16.x Tested on: Windows...
CVE-2020-5343
Dell Client platforms restored using a Dell OS recovery image downloaded before December 20, 2019, may contain an insecure inherited permissions vulnerability. A local authenticated malicious user with low privileges could exploit this vulnerability to gain unauthorized access on the root folder...
Directory traversal
NETSAS Enigma NMS 65.0.0 and prior suffers from a directory traversal vulnerability that can allow an authenticated user to access files and directories stored outside of the web root folder. By exploiting this vulnerability, it is possible for an attacker to list operating-system directory...
Dracnmap v2.2 - Exploit Network and Gathering Information with Nmap
Dracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the...
PHP Power Browse 1.2 Path Traversal
Exploit Title: PHP Power Browse v1.2 - Path Traversal Google Dork: intitle:PHP Power Browse inurl:browse.php Exploit Author: Manuel Mancera sinkmanu | sinkmanu at gmail dot com Software URL: https://github.com/arzynik/PHPPowerBrowse Version: 1.2 Vulnerability Type : Path traversal Severity : High...