575 matches found
Blossom 路径遍历漏洞
Blossom is a project management platform developed by Blossom Inc. Versions of Blossom prior to 1.17.1 contained a path traversal vulnerability. This vulnerability stemmed from improper path handling in the file upload component, which could lead to path traversal attacks...
CVE-2023-45382
In the module "SoNice Retour" soniceretour up to version 2.1.0 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a gues...
CVE-2023-4216
The Orders Tracking for WooCommerce WordPress plugin before 1.2.6 doesn't validate the fileurl parameter when importing a CSV file, allowing high privilege users with the managewoocommerce capability to access any file on the web server via a Traversal attack. The content retrieved is however...
CVE-2021-41449
A path traversal attack in web interfaces of Netgear RAX35, RAX38, and RAX40 routers before v1.0.4.102, allows a remote unauthenticated attacker to gain access to sensitive restricted information, such as forbidden files of the web application, via sending a specially crafted HTTP packet...
CVE-2025-23092
Mitel OpenScape Accounting Management through V5 R1.1.0 could allow an authenticated attacker with administrative privileges to conduct a path traversal attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to upload arbitrary files and execute...
CVE-2022-42188
In Lavalite 9.0.0, the XSRF-TOKEN cookie is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server...
CVE-2021-33692
SAP Cloud Connector, version - 2.0, allows the upload of zip files as backup. This backup file can be tricked to inject special elements such as '..' and '/' separators, for attackers to escape outside of the restricted location to access files or directories...
CVE-2024-34033
Delta Electronics DIAEnergie has insufficient input validation which makes it possible to perform a path traversal attack and write outside of the intended directory. If a file name is specified that already exists on the file system, then the original file will be overwritten...
CVE-2013-6127
The SUPERGRIDLib.SuperGrid ActiveX control in SuperGrid.ocx before 65.30.30000.10002 in WellinTech KingView before 6.53 does not properly restrict ReplaceDBFile method calls, which allows remote attackers to create or overwrite arbitrary files, and subsequently execute arbitrary programs, via the...
CVE-2025-1228
A vulnerability classified as problematic has been found in olajowon Loggrove up to e428fac38cc480f011afcb1d8ce6c2bad378ddd6. Affected is an unknown function of the file /read/?page=1=LOGMonitor of the component Logfile Update Handler. The manipulation of the argument path leads to path traversal...
Fluent Bit 安全漏洞
Fluent Bit is an open source log processing and analysis system written in C by Fluent Open Source. A security vulnerability exists in Fluent Bit that stems from not properly cleaning up tagged values, which could lead to a path traversal attack that allows files to be written to unintended...
EUVD-2020-26455
Malware in sbrugna...
EUVD-2020-25456
Malware in sbrugna...
EUVD-2016-10167
Malware in sbrugna...
EUVD-2017-6984
Malware in sbrugna...
EUVD-2018-19715
Malware in sbrugna...
EUVD-2017-5295
Malware in sbrugna...
EUVD-2020-9338
Malware in sbrugna...
EUVD-2016-10290
Malware in sbrugna...
EUVD-2020-1683
Malware in sbrugna...