10 matches found
PT-2026-25816
Name of the Vulnerable Software and Affected Versions ZwickRoell Test Data Management versions prior to 3.0.8 Description The software contains a local file inclusion issue in the /server/node upgrade srv.js endpoint. An attacker can provide directory traversal sequences through the firmware...
CVE-2025-12047
Lenovo Scanner Pro is reported to have a vulnerability that, under certain conditions during an internal security assessment, could allow an attacker on the same logical network to disclose sensitive user files from the application. The available documents provide a high-level impact description ...
CVE-2024-25711
diffoscope before 256 allows directory traversal via an embedded filename in a GPG file. Contents of any file, such as ../.ssh/idrsa, may be disclosed to an attacker. This occurs because the value of the gpg --use-embedded-filenames option is trusted...
CVE-2023-38633
A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files on the local filesystem outside of the expected area, as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element...
Directory Traversal
Overview std/net/url is a Go standard library package std/net/url Affected versions of this package are vulnerable to Directory Traversal. Go Vulnerability Report: JoinPath and URL.JoinPath do not remove ../ path elements appended to a relative path. For example, JoinPath"https://go.dev", "../go"...
CVE-2020-14490
OpenClinic GA 5.09.02 and 5.89.05b includes arbitrary local files specified within its parameter and executes some files, which may allow disclosure of sensitive files or the execution of malicious uploaded files...
CVE-2020-14490
OpenClinic GA versions 5.09.02 and 5.89.05b contain a path traversal vulnerability (CWE-22) that allows arbitrary local files to be specified via parameters and may execute uploaded files, risking disclosure of sensitive data and code execution. The issue corresponds to CVE-2020-14490; root cause...
CVE-2020-14490 OpenClinic GA
OpenClinic GA 5.09.02 and 5.89.05b includes arbitrary local files specified within its parameter and executes some files, which may allow disclosure of sensitive files or the execution of malicious uploaded files...
Ultimate HR System 1.2 Cross Site Scripting / Directory Traversal
Exploit Title: HRM - Workable Zone : Ultimate HR System Last Name Other vulnerable fields include: First Name, Contact Number Unauthenticated Directory Traversal: http://localhost.com/download?type=document&filename=../../../../../etc/passwd Credits & Authors: ================== 8bitsec -...
sap internet transaction server 4620.2.0.323011 build 46b.323011 - Directory Traversal
sap internet transaction server 4620.2.0.323011 build 46b.323011 - Directory Traversal source: https://www.securityfocus.com/bid/8516/info SAP is said to be prone to a directory traversal vulnerability, potentially allowing users to disclose the contents of sensitive files. The problem occurs due...