10 matches found
CVE-2026-54352
Budibase has a high-severity arcane file-read issue via the PWA ZIP upload endpoint. Prior to 3.39.9, a workspace-builder could upload a ZIP containing a symlink to a root-available file (for example, /data/.env or /etc/shadow) and, because extract-zip preserves absolute targets and the icon vali...
Astra Linux – Vulnerability in Firefox
Uploading files that contain symlinks may have allowed an attacker to trick a user into submitting sensitive data to a malicious website. This vulnerability affects Firefox 115...
CVE-2026-2490
RustDesk Client for Windows Transfer File Link Following Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of RustDesk Client for Windows. An attacker must first obtain the ability to execute low-privileged...
📄 Ghost CMS 5.59.1 Arbitrary File Read
Ghost CMS version 5.59.1 proof of concept arbitrary file read exploit. !/usr/bin/env python3 -- coding: utf-8 -- """ Exploit Title: Ghost CMS 5.59.1 - Arbitrary File Read Date: 2023-09-20 Exploit Author: ibrahimsql https://github.com/ibrahmsql Vendor Homepage: https://ghost.org Software Link:...
Ghost CMS 5.59.1 - Arbitrary File Read
!/usr/bin/env python3 -- coding: utf-8 -- """ Exploit Title: Ghost CMS 5.59.1 - Arbitrary File Read Date: 2023-09-20 Exploit Author: ibrahimsql https://github.com/ibrahmsql Vendor Homepage: https://ghost.org Software Link: https://github.com/TryGhost/Ghost Version: =2.28.1, zipfile, tempfile Usag...
Ghost CMS 5.59.1 Arbitrary File Read
Ghost CMS version 5.59.1 proof of concept arbitrary file reading exploit. ============================================================================================================================================= | Title : Ghost CMS v 5.59.1 PHP Code Injection Vulnerability | | Author :...
Exploit for Path Traversal in Ghost
CVE-2023-40028: Ghost CMS Arbitrary File Read Description...
Exploit for CVE-2024-50404
CVE-2024-50404 - https://www.qnap.com/en/security-advisory/qsa...
Exploit for Path Traversal in Ghost
CVE-2023-40028 PoC Exploit Symlink Upload Vulnerability in Gho...
Exploit for Path Traversal in Ghost
CVE-2023-40028 Proof of Concept This repository contains a pr...