An authenticated Zabbix Super Admin can exploit the oauth.authorize action to read arbitrary files from the webserver leading to potential confidentiality loss.
A bug in the code allows an attacker to sign a forged zbx_session cookie, which then allows them to sign in with admin permissions.
The Zephyr Project Manager plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.3.203 via the `file` parameter. This makes it possible for authenticated at
An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 via the /z/zbin/net_html.cgi endpoint. This vulnerability allows a
An authenticated user with API access (e.g.: user with default User role), more specifically a user with access to the user.update API endpoint is enough to be able to add themselves to any group (e.g
A vulnerability in the AdminServer component of OpenEdge on all supported platforms grants its authenticated users OS-level access to the server
through the adopted authority of the AdminServer proces
A security issue was discovered in the Feast Feature Server's `/read-document` endpoint that allows an unauthenticated remote attacker to read any file accessible to the server process. By sending a s
FOSSBilling is a free, open-source billing and client management system. Starting in version 0.5.4 and prior to version 0.8.0, an authorization bypass in the API role handling allows unauthenticated a
An authenticated Zabbix user (User role) with template/host write permissions is able to create objects via the configuration.import API. This can lead to confidentiality loss by creating unauthorized
A low-privileged remote attacker can exploit the ubr-editfile method in wwwubr.cgi, an undocumented and unused API endpoint to read arbitrary files on the system.
In Zabbix Agent and Agent 2 on Windows, the OpenSSL configuration file is loaded from a path writable by low-privileged users, allowing malicious modification and potential local privilege escalation
WordPress Plugin amministrazione-aperta 3.7.3 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting insufficient input validation in the
An Authentication Bypass by Primary Weakness
in the FTP server of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to get limited read-write access to files on the device.
Mitel OpenScape Accounting Management through V5 R1.1.0 could allow an authenticated attacker with administrative privileges to conduct a path traversal attack due to insufficient sanitization of user
ClipBucket is a web-based video-sharing platform. In ClipBucket version 5.5.2 - #146 and earlier, the /admin_area/template_editor.php endpoint is vulnerable to path traversal. The validation of the fi
A Broken Authorization schema exists where any authenticated user could download IOA script and configuration files if the URL is known.
An authenticated local file inclusion vulnerability exists in Microweber CMS versions <= 1.2.11 through misuse of the backup management API. Authenticated users can abuse the /api/BackupV2/upload and
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.2.4 and all prior versions, the ZimaOS API endpoint `http:///v3/file?to
An arbitrary file read vulnerability in Adguard Home before v0.107.52 allows authenticated attackers to access arbitrary files as root on the underlying Operating System via placing a crafted file int
OpenZiti is a free and open source project focused on bringing zero trust to any application. An endpoint on the admin panel can be accessed without any form of authentication. This endpoint accepts a
Page 1+ Next →