CVE-2025-4538

A vulnerability was found in kkFileView 4.4.0. It has been classified as critical. This affects an unknown part of the file /fileUpload. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...

CVE-2024-46647

eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via uploadfiles...

WAGO PFC 200 Web-Based Management (WBM) Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the Web-Based Management WBM functionality of WAGO PFC 200 03.03.1015. A specially crafted series of HTTP requests can cause code execution resulting in remote code execution. An attacker can make an authenticated HTTP request to trigg...

CVE-2019-1889

A vulnerability in the REST API for software device management in Cisco Application Policy Infrastructure Controller APIC Software could allow an authenticated, remote attacker to escalate privileges to root on an affected device. The vulnerability is due to incomplete validation and error checki...

CVE-2018-15465

A vulnerability in the authorization subsystem of Cisco Adaptive Security Appliance ASA Software could allow an authenticated, but unprivileged levels 0 and 1, remote attacker to perform privileged actions by using the web management interface. The vulnerability is due to improper validation of...

DedeCms v5. 6 embed malicious code execution vulnerabilities and fixes-vulnerability warning-the black bar safety net

Published:2011-03-02 Affected version: DedeCms v5. 6 vulnerability description: In the upload software of the Local, the local address not be effectively verified, it can be maliciously used reference toby57 Test method: Registered members, upload software: the local address filled in...

Обратный путь в директориях aspapload (directory traversal)

Обратный путь в директориях в демонстрационных ASP-скриптах...