Total: 63 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-1730 | | | 2025-03-01 | N/A | 6.5 MEDIUM |
| The Simple Download Counter plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 2.0 via the 'simple_download_counter_download_handler'. This makes it possible for authenticated attackers, with Author-level access and above, to extract sensitive data including any local file on the server, such as wp-config.php or /etc/passwd. | | | | | |
| CVE-2025-27137 | | | 2025-02-24 | N/A | N/A |
| Dependency-Track is a component analysis platform that allows organizations to identify and reduce risk in the software supply chain. Dependency-Track allows users with the `SYSTEM_CONFIGURATION` permission to customize notification templates. Templates are evaluated using the Pebble template engine. Pebble supports an `include` tag, which allows template authors to include the content of arbitrary files upon evaluation. Prior to version 4.12.6, users of Dependency-Track with the `SYSTEM_CONFIGURATION` permission can abuse the `include` tag by crafting notification templates that `include` sensitive local files, such as `/etc/passwd` or `/proc/1/environ`. By configuring such a template for a notification rule (aka "Alert"), and having it send notifications to a destination controlled by the actor, sensitive information may be leaked. The issue has been fixed in Dependency-Track 4.12.6. In fixed versions, the `include` tag can no longer be used. Usage of the tag will cause template evaluation to fail. As a workaround, avoid assigning the `SYSTEM_CONFIGURATION` permission to untrusted users. The `SYSTEM_CONFIGURATION` permission per default is only granted to members of the `Administrators` team. Assigning this permission to non-administrative users or teams is a security risk in itself, and highly discouraged. | | | | | |
| CVE-2025-0630 | | | 2025-02-04 | N/A | N/A |
| Multiple Western Telematic (WTI) products contain a web interface that is vulnerable to a local file inclusion attack (LFI), where any authenticated user has privileged access to files on the device's filesystem. | | | | | |
| CVE-2024-12066 | | | 2024-12-21 | N/A | 8.8 HIGH |
| The SMSA Shipping(official) plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the smsa_delete_label() function in all versions up to, and including, 2.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). | | | | | |
| CVE-2024-4230 | | | 2024-12-19 | N/A | N/A |
| External Control of File Name or Path vulnerability in Edgecross Basic Software for Windows versions 1.00 and later and Edgecross Basic Software for Developers versions 1.00 and later allows a malicious local attacker to execute an arbitrary malicious code, resulting in information disclosure, tampering with and deletion, or a denial-of-service (DoS) condition. | | | | | |
| CVE-2024-9142 | | | 2024-10-14 | N/A | N/A |
| External Control of File Name or Path: Incorrect Permission Assignment for Critical Resource vulnerability in Olgu Computer Systems e-Belediye allows Manipulating Web Input to File System Calls. This issue affects e-Belediye: before 2.0.642. | | | | | |
| CVE-2024-9275 | | | 2024-09-30 | N/A | N/A |
| A vulnerability was found in jeanmarc77 123solar up to 1.8.4.5. It has been rated as critical. This issue affects some unknown processing of the file /admin/admin_invt2.php. The manipulation of the argument PROTOCOLx leads to file inclusion. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | | | | | |
| CVE-2024-0265 | 1 Oretnom23 | 1 Clinic Queuing System | 2024-05-17 | N/A | 8.8 HIGH |
| A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php of the component GET Parameter Handler. The manipulation of the argument page leads to file inclusion. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249821 was assigned to this vulnerability. | | | | | |
| CVE-2023-4191 | 1 Resort Reservation System Project | 1 Resort Reservation System | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in SourceCodester Resort Reservation System 1.0. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument page leads to file inclusion. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-236234 is the identifier assigned to this vulnerability. | | | | | |
| CVE-2014-125059 | 1 Sternenblog Project | 1 Sternenblog | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as problematic, has been found in sternenseemann sternenblog. This issue affects the function blog_index of the file main.c. The manipulation of the argument post_path leads to file inclusion. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. Upgrading to version 0.1.0 is able to address this issue. The identifier of the patch is cf715d911d8ce17969a7926dea651e930c27e71a. It is recommended to upgrade the affected component. The identifier VDB-217613 was assigned to this vulnerability. NOTE: This case is rather theoretical and probably won't happen. Maybe only on obscure Web servers. | | | | | |
| CVE-2023-47147 | 1 Ibm | 1 Sterling Secure Proxy | 2024-03-19 | N/A | 5.3 MEDIUM |
| IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow an attacker to overwrite a log message under specific conditions. IBM X-Force ID: 270598. | | | | | |
| CVE-2021-27250 | 1 Dlink | 2 Dap-2020, Dap-2020 Firmware | 2023-11-08 | 3.3 LOW | 6.5 MEDIUM |
| This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. When parsing the errorpage request parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-11856. | | | | | |
| CVE-2022-2400 | 1 Dompdf Project | 1 Dompdf | 2023-07-13 | N/A | 5.3 MEDIUM |
| External Control of File Name or Path in GitHub repository dompdf/dompdf prior to 2.0.0. | | | | | |
| CVE-2023-2554 | 1 Bumsys Project | 1 Bumsys | 2023-05-11 | N/A | 7.2 HIGH |
| External Control of File Name or Path in GitHub repository unilogies/bumsys prior to 2.2.0. | | | | | |
| CVE-2023-1105 | 1 Flatpress | 1 Flatpress | 2023-03-09 | N/A | 8.1 HIGH |
| External Control of File Name or Path in GitHub repository flatpressblog/flatpress prior to 1.3. | | | | | |
| CVE-2023-1070 | 1 Teampass | 1 Teampass | 2023-03-07 | N/A | 7.1 HIGH |
| External Control of File Name or Path in GitHub repository nilsteampassnet/teampass prior to 3.0.0.22. | | | | | |
| CVE-2021-3845 | 1 Ws Scrcpy Project | 1 Ws Scrcpy | 2022-10-28 | 5.0 MEDIUM | 7.5 HIGH |
| ws-scrcpy is vulnerable to External Control of File Name or Path. | | | | | |
| CVE-2022-0246 | 1 Webence | 1 Iq Block Country | 2022-04-15 | 4.0 MEDIUM | 4.9 MEDIUM |
| The settings of the iQ Block Country WordPress plugin before 1.2.13 can be exported or imported using its backup functionality. An authorized user can import preconfigured settings of the plugin by uploading a zip file. After the uploading process, files in the uploaded zip file are extracted one by one. During the extraction process, existence of a file is checked. If the file exists, it is deleted without any security control by only considering the name of the extracted file. This behavior leads to "Zip Slip" vulnerability. | | | | | |
| CVE-2022-0593 | 1 Idehweb | 1 Login With Phone Number | 2022-03-21 | 6.4 MEDIUM | 6.5 MEDIUM |
| The Login with phone number WordPress plugin before 1.3.7 includes a file delete.php with no form of authentication or authorization checks placed in the plugin directory, allowing unauthenticated users to remotely delete the plugin files, leading to a potential Denial of Service situation. | | | | | |
| CVE-2021-24966 | 1 Bestwebsoft | 1 Error Log Viewer | 2022-03-20 | 4.0 MEDIUM | 4.9 MEDIUM |
| The Error Log Viewer WordPress plugin through 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder. | | | | | |
