CVE-2024-58302

FoF Pretty Mail 1.1.2 contains a local file inclusion vulnerability that allows administrative users to include arbitrary server files in email templates. Attackers can exploit the template settings by inserting file inclusion payloads to read sensitive system files like /etc/passwd during email...

CVE-2024-58310

The CVE-2024-58310 entry describes a path traversal vulnerability in the APC Network Management Card 4. Affected component is the device’s web interface, where manipulating URL parameters allows unauthenticated attackers to read sensitive files (e.g., /etc/passwd) via directory traversal techniqu...

CVE-2023-53772

MiniDVBLinux 5.4 contains an arbitrary file disclosure vulnerability that allows attackers to read sensitive system files through the 'file' GET parameter. Attackers can exploit the about page by supplying file paths to disclose arbitrary file contents on the affected device...

PT-2025-49939

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in sizam Rehub rehub-theme allows Retrieve Embedded Sensitive Data.This issue affects Rehub: from n/a through = 19.9.9.1...

PT-2025-50269

Name of the Vulnerable Software and Affected Versions MiniDVBLinux version 5.4 Description MiniDVBLinux version 5.4 contains a flaw that allows attackers to read sensitive system files. This is possible through the 'file' GET parameter on the about page, enabling disclosure of arbitrary file...

CVE-2025-27368

IBM OpenPages 9.0 and 9.1 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points used by the user interface of OpenPages. An authenticated user is able to obtain certain information about system metadata for areas beyond...

CVE-2025-8385

The Zombify plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.7.5. This is due to insufficient input validation in the zfgetfilebyurl function. This makes it possible for authenticated attackers, with subscriber-level access and above, to read arbitrary...

WordPress plugin WP Popup Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

EUVD-2025-35649

Exposure of Sensitive System Information to an Unauthorized Control Sphere CWE-497 in the Gallagher Morpho integration could allow an authenticated operator with limited site permissions to make critical changes to local Morpho devices. This issue affects Command Centre Server: 9.30 prior to...

CVE-2025-52616

HCL Unica 12.1.10 can expose sensitive system information. An attacker could use this information to form an attack plan by leveraging known vulnerabilities in the application...

EUVD-2020-24589

Malware in sbrugna...

EUVD-2018-5243

Malware in sbrugna...

EUVD-2019-14926

Malware in sbrugna...

EUVD-2017-3666

Malware in sbrugna...

EUVD-2016-1517

Malware in sbrugna...

EUVD-2025-18778

Malicious code in bioql PyPI...

EUVD-2025-11128

Malicious code in bioql PyPI...

EUVD-2025-11309

Malicious code in bioql PyPI...

EUVD-2025-10451

Malicious code in bioql PyPI...

EUVD-2025-10664

Malicious code in bioql PyPI...