CVE-2025-66608

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly validate URLs. An attacker could send specially crafted requests to steal files from the web server. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVR...

Linux Distros Unpatched Vulnerability : CVE-2020-1934

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache HTTP Server 2.4.0 to 2.4.41, modproxyftp may use uninitialized memory when proxying to a malicious FTP server. CVE-2020-1934 Note that Nessus relies o...

The vulnerability of D-Link DI-7300G+ microprogrammed software lies in the lack of measures taken to neutralize special elements during the processing of the ASP file httpd_debug.asp, allowing attackers to execute arbitrary commands.

The vulnerability of D-Link DI-7300G+ router microprogramming software is related to the lack of measures taken to neutralize special elements during the processing of the asp-file httpddebug.asp. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

CVE-2025-48471 FreeScout Vulnerable to Arbitrary File Upload

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.179, the application does not check or performs insufficient checking of files uploaded to the application. This allows files to be uploaded with the phtml and phar extensions, which can lead to remote code executi...

CVE-2023-36607

The affected TBox RTUs are missing authorization for running some API commands. An attacker running these commands could reveal sensitive information such as software versions and web server file contents...

Authorization

The affected TBox RTUs are missing authorization for running some API commands. An attacker running these commands could reveal sensitive information such as software versions and web server file contents...

Apache Atlas path traversal vulnerability

Apache Atlas is a scalable and extensible set of core functional governance services from the Apache Foundation.Apache Atlas versions 0.8.4 through 2.2.0 have a path traversal vulnerability that stems from improper input validation in the import module, which could be exploited by an authenticate...

CVE-2020-10457

Path Traversal in admin/imagepaster/image-renaming.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to rename any file on the webserver using a dot-dot-slash sequence ../ via the POST parameter imgName for the new name and imgUrl for the current file to be renamed...

[SECURITY] [DSA 2510-1] extplorer security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2510-1 [email protected] http://www.debian.org/security/ Luciano Bello July 12, 2012 http://www.debian.org/security/faq -...

PBLang Bulletin Board System 4.x - 'SendPM.php' Directory Traversal

source: https://www.securityfocus.com/bid/12690/info PBLang is reported prone to a directory traversal vulnerability. It is reported that the issue exists due to a lack of sufficient sanitization performed on user-supplied input. A remote attacker may exploit this condition to reveal the contents...

ibrow NewsDesk does not securely handle input passed to open()

Overview A vulnerability in ibrow NewsDesk allows an attacker to view files and execute operating system commands with the privileges of the web server. Description ibrow NewsDesk is a Perl CGI script that is designed to create and display news articles on a web site. The code for NewsDesk is...

CVE-1999-0175

The convert.bas program in the Novell web server allows a remote attackers to read any file on the system that is internally accessible by the web server...