2 matches found
CVE-2025-11563
A flaw was found in wcurl. This vulnerability allows a remote attacker to manipulate the location where output files are saved. By crafting a malicious URL with percent-encoded slashes, the attacker can trick the wcurl command-line tool into writing files outside of the intended directory. This...
CVE-2025-11563
URLs containing percent-encoded slashes / or \ can trick wcurl into saving the output file outside of the current directory without the user explicitly asking for it. This flaw only affects the wcurl command line tool...