12 matches found

RedhatCVE
added 2026/01/29 3:26 a.m. | 3 views

CVE-2025-69601

A directory traversal Zip Slip vulnerability exists in the “Static Sites” feature of 66biolinks v44.0.0 by AltumCode. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. An attacker can include traversal sequences e.g., ../ in ZIP entries to write files...

CVSS 6.5 | AI score 5.9 | EPSS 0.00165
Exploits: 1 | References: 1

NVD
added 2026/01/28 7:16 p.m. | 3 views

CVE-2025-69601

A directory traversal Zip Slip vulnerability exists in the “Static Sites” feature of 66biolinks v44.0.0 by AltumCode. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. An attacker can include traversal sequences e.g., ../ in ZIP entries to write files...

CVSS 6.5 | EPSS 0.00165
Exploits: 1 | References: 1

OSV
added 2026/01/28 7:16 p.m. | 0 views

CVE-2025-69601

A directory traversal Zip Slip vulnerability exists in the “Static Sites” feature of 66biolinks v44.0.0 by AltumCode. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. An attacker can include traversal sequences e.g., ../ in ZIP entries to write files...

CVSS 6.5 | AI score 5.8
Exploits: 0 | References: 1

ATTACKERKB
added 2026/01/28 12:0 a.m. | 2 views

CVE-2025-69601

A directory traversal Zip Slip vulnerability exists in the “Static Sites” feature of 66biolinks v44.0.0 by AltumCode. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. An attacker can include traversal sequences e.g., ../ in ZIP entries to write files...

AI score 5.9 | EPSS 0.00165
Exploits: 1 | References: 2

Vulnrichment
added 2026/01/28 12:0 a.m. | 2 views

CVE-2025-69601

A directory traversal Zip Slip vulnerability exists in the “Static Sites” feature of 66biolinks v44.0.0 by AltumCode. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. An attacker can include traversal sequences e.g., ../ in ZIP entries to write files...

AI score 5.9 | EPSS 0.00165
Exploits: 1 | References: 1

Cvelist
added 2026/01/28 12:0 a.m. | 24 views

CVE-2025-69601

A directory traversal Zip Slip vulnerability exists in the “Static Sites” feature of 66biolinks v44.0.0 by AltumCode. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. An attacker can include traversal sequences e.g., ../ in ZIP entries to write files...

EPSS 0.00165
Exploits: 1 | References: 1

EUVD
added 2026/01/28 12:0 a.m. | 2 views

EUVD-2025-206457

A directory traversal Zip Slip vulnerability exists in the “Static Sites” feature of 66biolinks v44.0.0 by AltumCode. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. An attacker can include traversal sequences e.g., ../ in ZIP entries to write files...

CVSS 5.1 | AI score 5.9 | EPSS 0.00165
Exploits: 1 | References: 1

CVE
added 2026/01/28 12:0 a.m. | 7 views

CVE-2025-69601

CVE-2025-69601 affects 66biolinks v44.0.0 (AltumCode) in the app’s “Static Sites” feature. A Zip Slip directory traversal occurs when ZIP archives are uploaded, as files are extracted without path validation, allowing traversal sequences (e.g., ../) to write outside the extraction directory. Repo...

CVSS 6.5 | AI score 5.9 | EPSS 0.00165
Exploits: 1 | References: 1 | Affected Software: 1

Positive Technologies
added 2026/01/28 12:0 a.m. | 3 views

PT-2026-5187

Name of the Vulnerable Software and Affected Versions: 66biolinks version 44.0.0. Description: A directory traversal issue exists in the “Static Sites” feature. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. An attacker can include traversal sequences...

CVSS 6.5 | AI score 5.5 | EPSS 0.00165
Exploits: 1 | References: 4

RedhatCVE
added 2025/08/10 12:15 a.m. | 2 views

CVE-2025-54793

Astro is a web framework for content-driven websites. In versions 5.2.0 through 5.12.7, there is an Open Redirect vulnerability in the trailing slash redirection logic when handling paths with double slashes. This allows an attacker to redirect users to arbitrary external domains by crafting URLs...

CVSS 6.9 | AI score 6.6 | EPSS 0.01096
Exploits: 0 | References: 1

Vulnrichment
added 2025/08/08 12:2 a.m. | 3 views

CVE-2025-54793 Astro: Duplicate trailing slash feature can lead to Open Redirects

Astro is a web framework for content-driven websites. In versions 5.2.0 through 5.12.7, there is an Open Redirect vulnerability in the trailing slash redirection logic when handling paths with double slashes. This allows an attacker to redirect users to arbitrary external domains by crafting URLs...

CVSS 6.9 | AI score 6.2 | EPSS 0.01096
Exploits: 0 | References: 2

Fedora
added 2024/03/07 10:33 p.m. | 19 views

[SECURITY] Fedora 40 Update: maven-doxia-sitetools-1.11.1-10.fc40

Doxia is a content generation framework which aims to provide its users with powerful techniques for generating static and dynamic content. Doxia can be used to generate static sites in addition to being incorporated into dynamic content generation systems like blogs, wikis and content management...

CVSS 8.8 | AI score 6.7 | EPSS 0.46427
Exploits: 3