CVE-2026-28429

Talishar (Flesh and Blood fan project) has a path traversal flaw in the gameName parameter prior to commit 6be3871. ParseGamestate.php can be accessed as a standalone script, allowing directory traversal sequences (e.g., ../) to reach unauthorized files. The issue is mitigated by the patch in com...

ViewVC 路径遍历漏洞

ViewVC is ViewVC open source a Web-based CVS, SVN code repository browsing tool. A path traversal vulnerability exists in ViewVC versions 1.1.0 to 1.1.31 and 1.2.0 to 1.2.3, which stems from a directory traversal in the standalone.py script, which could lead to the disclosure of the contents of t...

OPENSUSE-SU-2021:0145-1 Security update for viewvc

This update for viewvc fixes the following issues: - update to 1.1.28 boo1167974, CVE-2020-5283: security fix: escape subdir lastmod file name 211 fix standalone.py first request failure 195 suppress stack traces with option to show 140 distinguish text/binary/image files by icons 166, 175 colori...