Total: 345 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2025-6691 | 1 Brainstormforce | 1 Sureforms | 2025-07-11 | N/A | 8.1 HIGH | The SureForms – Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_entry_files() function in all versions up to, and including, 1.7.3. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). |
| CVE-2025-4602 | 1 Emagicone | 1 Emagicone Store Manager For Woocommerce | 2025-07-11 | N/A | 5.9 MEDIUM | The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Reads in all versions up to, and including, 1.2.5 via the get_file() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. This is only exploitable by unauthenticated attackers in default configurations where the default password is left as 1:1, or where the attacker gains access to the creden ... |
| CVE-2025-4603 | 1 Emagicone | 1 Emagicone Store Manager For Woocommerce | 2025-07-11 | N/A | 9.1 CRITICAL | The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_file() function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). This is only exploitable by unauthenticated attackers in default configurations w ... |
| CVE-2025-26646 | 3 Apple, Linux, Microsoft | 6 Macos, Linux Kernel, .net and 3 more | 2025-07-10 | N/A | 8.0 HIGH | External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network. |
| CVE-2025-29819 | 1 Microsoft | 1 Windows Admin Center | 2025-07-10 | N/A | 6.2 MEDIUM | External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally. |
| CVE-2025-25478 | 1 Syspass | 1 Syspass | 2025-07-09 | N/A | 6.5 MEDIUM | The account file upload functionality in Syspass 3.2.x fails to properly handle special characters in filenames. This mismanagement leads to the disclosure of the web application's source code, exposing sensitive information such as the database password. |
| CVE-2025-1972 | 1 Webtoffee | 1 Import Export Wordpress Users | 2025-07-09 | N/A | 2.7 LOW | The Export and Import Users and Customers plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the admin_log_page() function in all versions up to, and including, 2.6.2. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary log files on the server. |
| CVE-2025-1911 | 1 Webtoffee | 1 Product Import Export For Woocommerce | 2025-07-09 | N/A | 2.7 LOW | The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the admin_log_page() function in all versions up to, and including, 2.5.0. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary log files on the server. |
| CVE-2025-47956 | 1 Microsoft | 1 Windows Security App | 2025-07-09 | N/A | 5.5 MEDIUM | External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally. |
| CVE-2024-38657 | 1 Ivanti | 2 Connect Secure, Policy Secure | 2025-07-09 | N/A | 4.9 MEDIUM | External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to write arbitrary files. |
| CVE-2025-6463 | 1 Incsub | 1 Forminator | 2025-07-07 | N/A | 8.8 HIGH | The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'entry_delete_upload_files' function in all versions up to, and including, 1.44.2. This makes it possible for unauthenticated attackers to include arbitrary file paths in a form submission. The file will be deleted when the form submission is deleted, whether by an Administrator or via auto-deletion determined by plu ... |
| CVE-2025-24996 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-03 | N/A | 6.5 MEDIUM | External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. |
| CVE-2025-49588 | | | 2025-07-03 | N/A | N/A | Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. In version 2.10.2, the server accepts links of format file:///etc/passwd and doesn't do any validation before sending them to parsers and playwright, this can result in leak of other user's links (and in some cases it might be possible to leak environment secrets). This issue has been patched in version 2.10.3 which has not been made public at time of publication. |
| CVE-2024-33671 | 1 Veritas | 1 Backup Exec | 2025-06-30 | N/A | 7.7 HIGH | An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. The Backup Exec Deduplication Multi-threaded Streaming Agent can be leveraged to perform arbitrary file deletion on protected files. |
| CVE-2024-57394 | 1 Qianxin | 1 Tianqing Endpoint Security Management System | 2025-06-23 | N/A | 8.8 HIGH | The quarantine-restore function in Qi-ANXIN Tianqing Endpoint Security Management System v10.0 allows a user to restore a malicious file to an arbitrary file path. Attackers can write a malicious DLL to a system path and perform privilege escalation by leveraging Windows DLL hijacking vulnerabilities. |
| CVE-2025-36506 | | | 2025-06-16 | N/A | 6.5 MEDIUM | External control of file name or path issue exists in RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.242.0. If an attacker sends a specially crafted request, arbitrary files in the file system can be overwritten with log data. |
| CVE-2024-1244 | | | 2025-06-12 | N/A | N/A | Improper input validation in the OSSEC HIDS agent for Windows prior to version 3.8.0 allows an attacker with control over the OSSEC server, or in possession of the agent's key, to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2 hash, which can be relayed for remote code execution or used to escalate privileges to SYSTEM via AD CS certificate forging and other similar attacks. |
| CVE-2025-3419 | 1 Themewinter | 1 Eventin | 2025-06-04 | N/A | 7.5 HIGH | The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 4.0.26 via the proxy_image() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. |
| CVE-2025-3431 | 1 Digitalzoomstudio | 1 Zoomsounds | 2025-06-04 | N/A | 7.5 HIGH | The ZoomSounds - WordPress Wave Audio Player with Playlist plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 6.91 via the 'dzsap_download' action. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. |
| CVE-2024-55371 | 1 Wallosapp | 1 Wallos | 2025-06-03 | N/A | 9.8 CRITICAL | Wallos <= 2.38.2 has a file upload vulnerability in the restore backup function, which allows authenticated users to restore backups by uploading a ZIP file. The contents of the ZIP file are extracted on the server. This functionality enables an authenticated attacker (being an administrator is not required) to upload malicious files to the server. Once a web shell is installed, the attacker gains the ability to execute arbitrary commands. |
| CVE-2024-55372 | 1 Wallosapp | 1 Wallos | 2025-06-03 | N/A | 9.8 CRITICAL | Wallos <= 2.38.2 has a file upload vulnerability in the restore database function, which allows unauthenticated users to restore the database by uploading a ZIP file. The contents of the ZIP file are extracted on the server. This functionality enables an unauthenticated attacker to upload malicious files to the server. Once a web shell is installed, the attacker gains the ability to execute arbitrary commands. |
| CVE-2020-36772 | 1 Cloudlinux | 1 Cagefs | 2025-05-30 | N/A | 4.4 MEDIUM | CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail proxy command. This allows local users to read and write arbitrary files of certain file formats outside the CageFS environment. |
| CVE-2025-32802 | | | 2025-05-29 | N/A | 6.1 MEDIUM | Kea configuration and API directives can be used to overwrite arbitrary files, subject to permissions granted to Kea. Many common configurations run Kea as root, leave the API entry points unsecured by default, and/or place the control sockets in insecure paths. This issue affects Kea versions 2.4.0 through 2.4.1, 2.6.0 through 2.6.2, and 2.7.0 through 2.7.8. |
| CVE-2021-21343 | 6 Apache, Debian, Fedoraproject and 3 more | 15 Activemq, Jmeter, Debian Linux and 12 more | 2025-05-23 | 5.0 MEDIUM | 5.3 MEDIUM | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new instances based on these type information. An attacker can manipulate the processed input stream and replace or inject objects, that result in the deletion of a file on the local host. No user is affected, who followed the r ... |
| CVE-2025-2409 | | | 2025-05-23 | N/A | 9.1 CRITICAL | File corruption vulnerabilities in ASPECT provide attackers access to overwrite system files if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. |
| CVE-2024-51553 | | | 2025-05-23 | N/A | 6.5 MEDIUM | Predictable filename vulnerabilities in ASPECT may expose sensitive information to a potential attacker if administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. |
| CVE-2025-26684 | 1 Microsoft | 1 Defender For Endpoint | 2025-05-19 | N/A | 6.7 MEDIUM | External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally. |
| CVE-2024-0849 | 1 Leanote | 1 Desktop | 2025-05-19 | N/A | 5.0 MEDIUM | Leanote version 2.7.0 allows obtaining arbitrary local files. This is possible because the application is vulnerable to LFR (local file read). |
| CVE-2025-3812 | | | 2025-05-19 | N/A | 8.1 HIGH | The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the qcld_openai_delete_training_file() function in all versions up to, and including, 13.6.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). |
| CVE-2022-42893 | 1 Siemens | 1 Syngo Dynamics Cardiovascular Imaging And Information System | 2025-04-30 | N/A | 7.5 HIGH | A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). The syngo Dynamics application server hosts a web service using an operation with improper write access control that could allow writing data to any folder accessible to the account assigned to the website’s application pool. |
| CVE-2022-42732 | 1 Siemens | 1 Syngo Dynamics Cardiovascular Imaging And Information System | 2025-04-29 | N/A | 7.5 HIGH | A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). The syngo Dynamics application server hosts a web service using an operation with improper read access control that could allow files to be retrieved from any folder accessible to the account assigned to the website’s application pool. |
| CVE-2022-42891 | 1 Siemens | 1 Syngo Dynamics Cardiovascular Imaging And Information System | 2025-04-29 | N/A | 7.5 HIGH | A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). The syngo Dynamics application server hosts a web service using an operation with improper write access control that could allow writing data to any folder accessible to the account assigned to the website’s application pool. |
| CVE-2022-42734 | 1 Siemens | 1 Syngo Dynamics Cardiovascular Imaging And Information System | 2025-04-29 | N/A | 7.5 HIGH | A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). The syngo Dynamics application server hosts a web service using an operation with improper write access control that could allow writing data to any folder accessible to the account assigned to the website’s application pool. |
| CVE-2022-42733 | 1 Siemens | 1 Syngo Dynamics Cardiovascular Imaging And Information System | 2025-04-29 | N/A | 7.5 HIGH | A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). The syngo Dynamics application server hosts a web service using an operation with improper read access control that could allow files to be retrieved from any folder accessible to the account assigned to the website’s application pool. |
| CVE-2025-29709 | 1 Torrahclef | 1 Company Website Cms | 2025-04-23 | N/A | 9.8 CRITICAL | SourceCodester Company Website CMS 1.0 has a file upload vulnerability via the "Create portfolio" file /dashboard/portfolio. |
| CVE-2025-29708 | 1 Torrahclef | 1 Company Website Cms | 2025-04-23 | N/A | 9.8 CRITICAL | SourceCodester Company Website CMS 1.0 contains a file upload vulnerability via the "Create Services" file /dashboard/Services. |
| CVE-2025-43951 | | | 2025-04-23 | N/A | 9.8 CRITICAL | LabVantage before LV 8.8.0.13 HF6 allows local file inclusion. Authenticated users can retrieve arbitrary files from the environment via the objectname request parameter. |
| CVE-2024-2155 | 1 Mayurik | 1 Best Pos Management System | 2025-04-22 | 4.0 MEDIUM | 4.3 MEDIUM | A vulnerability was found in SourceCodester Best POS Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file index.php. The manipulation of the argument page leads to file inclusion. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-255587. |
| CVE-2025-3103 | | | 2025-04-21 | N/A | 7.5 HIGH | The CLEVER - HTML5 Radio Player With History - Shoutcast and Icecast - Elementor Widget Addon plugin for WordPress is vulnerable to arbitrary file read due to insufficient file path validation in the 'history.php' file in all versions up to, and including, 2.4. This makes it possible for unauthenticated attackers to read arbitrary files on the affected site's server, which may contain sensitive information including database credentials. The vulnerability was partially patched in version 2.4. |
| CVE-2024-33860 | 1 Logpoint | 1 Siem | 2025-04-18 | N/A | 6.5 MEDIUM | An issue was discovered in Logpoint before 7.4.0. It allows Local File Inclusion (LFI) when an arbitrary File Path is used within the File System Collector. The content of the file specified can be viewed in the incoming logs. |
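Most of the WordPress entries above (CVE-2025-6691, CVE-2025-4602, CVE-2025-4603, CVE-2025-6463, CVE-2025-3812, CVE-2025-3419, CVE-2025-3431, CVE-2025-3103) and the LabVantage, Logpoint and syngo Dynamics entries share one root cause: a client-supplied file name is joined onto a server directory and then read or deleted without checking where it actually lands. The following is an added example, not code from any of those products, showing the vulnerable pattern next to a containment check that rejects absolute paths, `..` segments, NUL bytes and symlinks that point outside the allowed directory. The directory layout, the stand-in `wp-config.php` and the file names are constructed for the demo.

```python
"""Added example (not code from SureForms, eMagicOne or any product listed
above): a file-deletion handler that trusts a client-supplied path, beside a
hardened version that confines the name to one directory. Directory and file
names below are constructed for the demo."""
import os
import tempfile
from pathlib import Path


class PathEscape(ValueError):
    """Raised when a user-supplied name would leave the allowed directory."""


def delete_entry_file_vulnerable(upload_dir: str, user_path: str) -> bool:
    # Vulnerable pattern: os.path.join() follows "../" upward and discards
    # upload_dir entirely when user_path is absolute.
    target = os.path.join(upload_dir, user_path)
    if os.path.isfile(target):
        os.unlink(target)
        return True
    return False


def resolve_under(base_dir: str, user_path: str) -> Path:
    """Return the real path of user_path inside base_dir, or raise PathEscape."""
    if "\x00" in user_path:                      # NUL truncates paths in C code
        raise PathEscape("NUL byte in path")
    base = Path(base_dir).resolve(strict=True)
    candidate = Path(user_path)
    if candidate.is_absolute() or ".." in candidate.parts:
        raise PathEscape(f"rejected path {user_path!r}")
    # resolve() follows symlinks, so a link planted inside base_dir that points
    # at wp-config.php is caught by the containment check below.
    target = (base / candidate).resolve()
    try:
        target.relative_to(base)
    except ValueError:
        raise PathEscape(f"{user_path!r} resolves outside {base_dir}") from None
    return target


def delete_entry_file_safe(upload_dir: str, user_path: str) -> bool:
    target = resolve_under(upload_dir, user_path)
    if target.is_file():
        target.unlink()
        return True
    return False


def read_entry_file_safe(upload_dir: str, user_path: str) -> bytes:
    return resolve_under(upload_dir, user_path).read_bytes()


def demo() -> dict:
    """Run both handlers against a constructed tree; return what happened."""
    root = Path(tempfile.mkdtemp())
    uploads = root / "uploads"
    uploads.mkdir()
    (uploads / "entry-42.txt").write_bytes(b"form upload")
    config = root / "wp-config.php"              # stands in for the site config
    config.write_text("<?php // DB_PASSWORD ...")
    (uploads / "link").symlink_to(config)        # attacker-planted symlink

    results = {}
    results["vulnerable_deleted_config"] = delete_entry_file_vulnerable(
        str(uploads), "../wp-config.php")
    config.write_text("<?php // restored for the hardened run")
    for name in ("../wp-config.php", str(config), "link", "x\x00.txt"):
        try:
            delete_entry_file_safe(str(uploads), name)
            results[name] = "deleted"
        except PathEscape:
            results[name] = "blocked"
    results["legit_read"] = read_entry_file_safe(str(uploads), "entry-42.txt")
    results["config_survives"] = config.exists()
    return results
```

The Forminator entry (CVE-2025-6463) adds a wrinkle: the path is stored with the submission and deleted later by an administrator or a scheduled job, so validating at deletion time is not enough on its own. The safer design is to never store a client-supplied path at all: store a server-generated file name or record ID and look the real path up from that.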
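The two Wallos entries (CVE-2024-55371, CVE-2024-55372) describe a restore function that extracts an uploaded ZIP on the server, which lets the archive's member names choose both where files land and what type they are. The following is an added example, not Wallos code, of a restore handler that validates every member before writing anything: member names must be relative and traversal-free, symlink entries are refused, and only an assumed allowlist of backup file types (`.db`, `.json`, `.png`) is accepted, so a `shell.php` is rejected even when its path is clean. The archives are built in memory as constructed samples. Python's own `ZipFile.extractall()` already strips traversal components, but the checks are written out because not every archive library does, and the type allowlist is needed regardless.

```python
"""Added example, not Wallos code: a restore-from-ZIP handler that validates
every archive member before writing anything. The archives are built in memory
as constructed samples; nothing here is taken from the real backup format."""
import io
import tempfile
import zipfile
from pathlib import Path

ALLOWED_SUFFIXES = {".db", ".json", ".png"}      # assumed allowlist for a backup


def member_is_safe(name: str) -> bool:
    """Accept only relative, traversal-free member names."""
    if not name or "\x00" in name:
        return False
    norm = name.replace("\\", "/")               # backslashes can hide ".."
    if norm.startswith("/") or (len(norm) > 1 and norm[1] == ":"):
        return False                             # "/etc/x" or "C:/x"
    return ".." not in norm.split("/")


def validate_members(zf: zipfile.ZipFile) -> None:
    """Raise ValueError on the first unsafe member; runs before extraction."""
    for info in zf.infolist():
        if info.is_dir():
            continue
        if not member_is_safe(info.filename):
            raise ValueError(f"unsafe member name {info.filename!r}")
        if Path(info.filename).suffix.lower() not in ALLOWED_SUFFIXES:
            raise ValueError(f"disallowed file type {info.filename!r}")
        # The Unix mode lives in the high 16 bits of external_attr; refuse
        # symlinks rather than recreate a link that later writes could follow.
        if (info.external_attr >> 16) & 0o170000 == 0o120000:
            raise ValueError(f"symlink member {info.filename!r}")


def extract_backup(zip_bytes: bytes, dest: str) -> list:
    """Validate, then extract; returns the relative paths written."""
    dest_path = Path(dest).resolve()
    written = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        validate_members(zf)                     # all-or-nothing
        for info in zf.infolist():
            if info.is_dir():
                continue
            target = (dest_path / info.filename).resolve()
            target.relative_to(dest_path)        # defence in depth; raises on escape
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(zf.read(info))
            written.append(target.relative_to(dest_path).as_posix())
    return written


def build_samples() -> dict:
    """Constructed archives: one clean, three malicious."""
    def make(entries):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            for name, data in entries:
                zf.writestr(name, data)
        return buf.getvalue()
    shell = b"<?php system($_GET['c']);"
    return {
        "clean": make([("wallos.db", b"SQLite format 3\x00"),
                       ("images/logo.png", b"\x89PNG")]),
        "traversal": make([("../../var/www/html/shell.php", shell)]),
        "webshell": make([("shell.php", shell)]),
        "absolute": make([("/var/www/html/shell.php", shell)]),
    }


def demo() -> dict:
    dest = tempfile.mkdtemp()
    out = {}
    for label, blob in build_samples().items():
        try:
            out[label] = extract_backup(blob, dest)
        except ValueError as exc:
            out[label] = f"rejected: {exc}"
    return out
```

Validating the whole archive before the first write matters: a handler that checks members as it goes has already written the clean-looking early entries by the time it hits the bad one, and an attacker controls the order.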
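The Linkwarden entry (CVE-2025-49588) is the same weakness in URL form: a bookmark such as `file:///etc/passwd` is handed straight to the parsers and to Playwright, which happily open local files. The following is an added example, not Linkwarden's code, of the check a link-archiving service should apply before fetching anything: an allowlist of `http` and `https`, a required host, and rejection of embedded credentials and of leading whitespace or control characters that a naive prefix check would miss. Sample inputs are constructed. A scheme allowlist does not by itself stop server-side request forgery against internal hosts; that needs a separate check on the resolved address, which this block does not attempt.

```python
"""Added example, not Linkwarden's code: validate a user-submitted link before
a fetcher, parser or headless browser touches it. Only http(s) URLs with a host
are accepted; file:, data:, javascript: and scheme-less input are rejected.
Sample inputs are constructed."""
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}


def validate_link(raw: str) -> str:
    """Return a normalised URL, or raise ValueError if it must not be fetched."""
    # Drop surrounding whitespace and embedded control characters; some URL
    # parsers ignore them, so "  file:///etc/passwd" must not slip past a
    # check that looks only at the first characters.
    url = "".join(ch for ch in raw.strip() if ch >= " ")
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme {scheme or '(none)'} not allowed")
    if not parts.hostname:                       # "http:///etc/passwd" has none
        raise ValueError("missing host")
    if parts.username or parts.password:         # "http://user@host" confuses allowlists
        raise ValueError("credentials in URL not allowed")
    return parts._replace(netloc=parts.netloc.lower()).geturl()


def demo() -> dict:
    """Classify constructed inputs; returns the normalised URL or the rejection."""
    samples = [
        "https://example.org/article",
        "HTTP://Example.org:8080/path?q=1",
        "file:///etc/passwd",
        "FILE:///etc/passwd",
        "  file:///proc/self/environ",
        "/etc/passwd",
        "javascript:alert(1)",
        "http:///etc/passwd",
        "http://user:pw@example.org/",
    ]
    out = {}
    for s in samples:
        try:
            out[s] = validate_link(s)
        except ValueError as exc:
            out[s] = f"rejected: {exc}"
    return out
```

Apply the check once, at the point where the link is stored, and again immediately before each fetch: the second check is what protects the archiver when a stored link is later edited, imported, or re-queued through a path that skipped the first one.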