CVE-2025-12203 givanz Vvveb Code Editor functions.php sanitizeFileName path traversal

A weakness has been identified in givanz Vvveb up to 1.0.7.3. This issue affects the function sanitizeFileName of the file system/functions.php of the component Code Editor. Executing a manipulation of the argument File can lead to path traversal. The attack can be launched remotely. The exploit...

CVE-2025-12203

Summary: CVE-2025-12203 affects givanz Vvveb up to 1.0.7.3, specifically the sanitizeFileName function in Code Editor’s file system/functions.php. The issue allows remote path traversal via manipulation of the File argument. Impact (as stated): Path traversal could lead to unauthorized file acces...

CVE-2025-12203 givanz Vvveb Code Editor functions.php sanitizeFileName path traversal

A weakness has been identified in givanz Vvveb up to 1.0.7.3. This issue affects the function sanitizeFileName of the file system/functions.php of the component Code Editor. Executing a manipulation of the argument File can lead to path traversal. The attack can be launched remotely. The exploit...

Vvveb 路径遍历漏洞

Vvveb is a powerful and easy-to-use CMS from Givan Individual Developers for building websites, blogs or e-commerce stores. A path traversal vulnerability exists in Vvveb version 1.0.7.3 and earlier, which stems from incorrect manipulation of File, a parameter of the function sanitizeFileName of...

EUVD-2017-15367

Malware in sbrugna...

VvvebJs Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability in VvvebJs before version 1.7.5, allows unauthenticated remote attackers to execute arbitrary code and obtain sensitive information via the sanitizeFileName parameter in save.php...

CVE-2024-29272

Arbitrary File Upload vulnerability in VvvebJs before version 1.7.5, allows unauthenticated remote attackers to execute arbitrary code and obtain sensitive information via the sanitizeFileName parameter in save.php...

CVE-2024-29272

Arbitrary File Upload vulnerability in VvvebJs before version 1.7.5, allows unauthenticated remote attackers to execute arbitrary code and obtain sensitive information via the sanitizeFileName parameter in save.php...

CVE-2024-29272

Arbitrary File Upload vulnerability in VvvebJs before version 1.7.5, allows unauthenticated remote attackers to execute arbitrary code and obtain sensitive information via the sanitizeFileName parameter in save.php...

PT-2024-22844 · Vvvebjs · Vvvebjs

Name of the Vulnerable Software and Affected Versions: VvvebJs versions prior to 1.7.5 Description: The issue allows unauthenticated remote attackers to execute arbitrary code and obtain sensitive information via the sanitizeFileName parameter in the "save.php" file. This enables remote attacks,...

Directory traversal

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "9 of 9. Directory Traversal using the filename; SanitizeFilename function in settings.c."...

CVE-2017-6306

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "9 of 9. Directory Traversal using the filename; SanitizeFilename function in settings.c."...