MiniGal Nano versions 0.3.5 and prior contain a path traversal vulnerability in index.php via the dir parameter. The application appends user-controlled input to the photos directory and attempts to p
MiniGal Nano version 0.3.5 and prior contain a reflected cross-site scripting (XSS) vulnerability in index.php via the dir parameter. The application constructs $currentdir from user-controlled input
Path Traversal: '.../...//' vulnerability in miniOrange Prevent files / folders access prevent-file-access allows Path Traversal.This issue affects Prevent files / folders access: from n/a through <=
A vulnerability was found in prasathmani TinyFileManager up to 2.6. Affected is an unknown function of the file /filemanager.php of the component POST Parameter Handler. The manipulation of the argume
A flaw has been found in prasathmani TinyFileManager up to 2.6. Affected by this issue is some unknown functionality of the file tinyfilemanager.php. This manipulation of the argument fullpath causes
Joomla com_fabrik 3.9.11 contains a directory traversal vulnerability that allows unauthenticated attackers to list arbitrary files by manipulating the folder parameter. Attackers can send GET request
A directory traversal vulnerability exists in Ivanti LANDesk Management Gateway through 4.2-1.9. By appending %3F.php to the URI of the /client/index.php endpoint, an attacker can bypass access contro
A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0.12.40, specifically within the `encode_image` function in `generic_utils.py`. This vulnerability allows an att
Banana Slides through 0.4.0, patched in commit e8bc490, contains a path traversal vulnerability in the generate_image() function within the AI service backend that allows unauthenticated attackers to
Apptha Slider Gallery 1.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary files by manipulating the imgname parameter. Attackers can send requests t
A weakness has been identified in Microweber up to 2.0.20. This affects the function userfiles_path of the file /api_nosession/thumbnail_img of the component API Endpoint. Executing a manipulation of
A path traversal vulnerability exists in keras-team/keras version 3.14.0, specifically in the `DiskIOStore.make` method within the Keras 3 model saving and loading library. This vulnerability arises f
Directory Traversal vulnerability in Centro de Tecnologia da Informaco Renato Archer InVesalius3 v3.1.99995 allows attackers to write arbitrary files unto the system via a crafted .inv3 file.
A weakness has been identified in 299ko up to 2.0.0. Affected by this issue is the function getSentDir/delete of the file plugin/filemanager/controllers/FileManagerAPIController.php. Executing manipul
The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.13.3. This is due to the modula_list_folders AJAX endpoint t
S40 CMS v0.4.2 contains a path traversal vulnerability in its index.php page handler. The p parameter is not properly sanitized, allowing attackers to traverse the file system and access arbitrary fil
e107 CMS version 3.2.1 contains a critical file upload vulnerability that allows authenticated administrators to override arbitrary server files through path traversal. The vulnerability exists in the
A path traversal vulnerability exists in Linknat VOS Manager versions prior to 2.1.9.07, including VOS2009 and early VOS3000 builds, that allows unauthenticated remote attackers to read arbitrary file
Mini Mouse 9.3.0 contains a path traversal vulnerability that allows attackers to access sensitive system directories through the device information endpoint. Attackers can retrieve file lists from sy
Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the path parameter. Attackers c
Page 1+ Next →