Directory Traversal vulnerability in WebLaudos 24.2 (04) allows a remote attacker to obtain sensitive information via the id parameter.
A path traversal vulnerability in RSFirewall component 2.9.7 - 3.1.5 for Joomla was discovered. This vulnerability allows authenticated users to read arbitrary files outside the Joomla root directory.
A security issue was discovered in the Feast Feature Server's `/read-document` endpoint that allows an unauthenticated remote attacker to read any file accessible to the server process. By sending a s
WMPro developed by Sunnet has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to read arbitrary system files.
An unauthenticated remote attacker can execute arbitrary php files and gain full access of the affected devices.
Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary syste
A low-privileged remote attacker can exploit the ubr-logread method in wwwubr.cgi to read arbitrary files on the system. The endpoint accepts a parameter specifying the log file to open (e.g., /tmp/we
An authorized remote attacker can access files and directories outside the intended web root, potentially exposing sensitive system information of the affected Sunny Boy devices.
xbtitFM 4.1.18 contains a path traversal vulnerability that allows unauthenticated attackers to access sensitive system files by manipulating URL parameters. Attackers can exploit directory traversal
PacsOne Server version 6.6.2 (prior versions are likely affected) contains a directory traversal vulnerability within the web-based DICOM viewer component. Successful exploitation allows a remote unau
The topm-client from Chunghwa Telecom has an Arbitrary File Read vulnerability. The application sets up a simple local web server and provides APIs for communication with the target website. Due to th
Path traversal in Calibre <= 7.14.0 allow unauthenticated attackers to achieve arbitrary file read.
A Path Traversal vulnerability in AllSky v2023.05.01 through v2024.12.06_06 allows an unauthenticated attacker to create a webshell and remote code execution via the path, content parameter to /includ
In Erxes <1.6.2, an unauthenticated attacker can read arbitrary files from the system using a Path Traversal vulnerability in the /read-file endpoint handler.
A directory traversal vulnerability exists in ColoradoFTP Server ≤ 1.3 Build 8 for Windows, allowing unauthenticated attackers to read or write arbitrary files outside the configured FTP root director
A vulnerability in the web-based management interface of HPE Aruba Networking Fabric Composer could allow an unauthenticated remote attacker to view some system files. Successful exploitation could al
A CWE-35 "Path Traversal" in the template download mechanism in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to read sensitive files via crafted HTTP req
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400 (All versions < V2.17.1), RUGGEDCOM ROX RX15
Supsystic Backup 2.3.9 contains a local file inclusion vulnerability that allows unauthenticated attackers to read and delete arbitrary files by manipulating the download path parameter. Attackers can
A path traversal vulnerability exists in multiple models of Selea Targa IP OCR-ANPR cameras, including iZero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750,