Unauthenticated Arbitrary File Deletion in WorkScout-Core <= 1.7.11 versions.
Unauthenticated Path Traversal in FastDup <= 2.7.2 versions.
Unauthenticated PHP Object Injection in Mildhill <= 1.5 versions.
Unauthenticated PHP Object Injection in Micdrop <= 1.3.1 versions.
Unauthenticated PHP Object Injection in Laurits <= 1.5.1 versions.
Any unauthenticated attacker can bypass the localhost
restrictions posed by the application and utilize this to create
arbitrary packages
An improper validation of user-supplied input leads to a local file inclusion vulnerability.
Unauthenticated Arbitrary File Upload in GeekyBot <= 1.2.2 versions.
Unauthenticated PHP Object Injection in Reisen <= 1.4.1 versions.
WordPress Plugin ultimate-member 2.1.3 contains a local file inclusion vulnerability that allows authenticated attackers to include arbitrary files by manipulating the pack parameter in class-admin-up
A local file inclusion vulnerability exists in haotian-liu/llava at commit c121f04. This vulnerability allows an attacker to access any file on the system by sending multiple crafted requests to the s
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Fabric fabric allows PHP Local File Inclusion.This issue affects Fa
An unauthenticated file download vulnerability exists in LimeSurvey versions from 2.0+ up to and including 2.06+ Build 151014. The application fails to validate serialized input to the admin backup en
Unauthenticated PHP Object Injection in Playroom <= 1.4.1 versions.
A local file inclusion vulnerability was identified in automatic1111/stable-diffusion-webui, affecting version git 82a973c. This vulnerability allows an attacker to read arbitrary files on the system
Unauthenticated PHP Object Injection in Manufaktur Solutions <= 1.1.1 versions.
PHPYun before 7.0.2 is vulnerable to code execution through backdoor-restricted arbitrary file writing and file inclusion.
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusTheme Yozi yozi allows PHP Local File Inclusion.This issue affects Yozi: fr
Unauthenticated PHP Object Injection in TechLink <= 1.3 versions.
Unauthenticated PHP Object Injection in Nifty <= 1.4.1 versions.
← Previous Page 5