Lavalite version 9.0.0 suffers from a path traversal vulnerability.
d6085d1df4bbceda7849d49a14e340d1311171cc8e2f1b42c855dce50beb5675
ABUS Security Camera version TVIP 20000-21150 suffers from local file inclusion, hardcoded credential, and command injection vulnerabilities. When coupled together, they can be leveraged to achieve remote access as root via ssh.
92decaa3308d461393dc637c13861ced7bcb4cd43a2c333235f9835ee562ecb9
Device Manager Express versions 7.8.20002.47752 and below suffer from code execution, command execution, cross site scripting, remote SQL injection, and traversal vulnerabilities.
9f6dbcbbd09678c80d311d3e820d1c82de2bd7a04264742755ac9d8302b00c0f
Kardex Mlog MCC version 5.7.12+0-a203c2a213-master suffers from a file inclusion vulnerability that allows for remote code execution.
960e6d130eb7b30180562e91395b84ea4b20026b7ec3c0ea3b55a62820151341
ChiKoi version 1.0 suffers from a directory traversal vulnerability.
f6f4c9a329aacc62158437feb049e556fbc94806ccce29cccc65207d028728aa
On January 16, 2023, the Wordfence Threat Intelligence team responsibly disclosed several vulnerabilities in Quick Restaurant Menu, a WordPress plugin that allows users to set up restaurant menus on their sites. This plugin is vulnerable to missing authorization, insecure direct object reference, cross site request forgery as well as cross site scripting in versions up to, and including, 2.0.2.
e3ba7e7e5a2df6cde42d9ee75f8bec79e5251c694adb11dfae0969e813acffdb
OpenText Extended ECM versions 16.2.2 through 22.3 suffer from arbitrary file deletion, information disclosure, local file inclusion, and privilege escalation vulnerabilities.
878b6d4e07e3ca1216865ef2e9312235d0ef20675c4ac011f7949b86a24ac5af
WordPress Slider Revolution plugin version 4.9.2 suffers from a directory traversal vulnerability.
b974aee33a66e29925be0ab29843b305b114f9a63e635ad75ca2c10d50af3474
WordPress Slider Revolution plugin version 4.6.5 suffers from a directory traversal vulnerability.
c0ad551826885e99515a7f31a6660bf3f6f546a33382b918ec3a80f8f2c57bbc
WordPress Slider Revolution plugin version 4.1.3 suffers from a directory traversal vulnerability.
83b023ff748b63a814933d6674398e32e4fb2ba5c520cc7997e01b2a23da875c
WordPress Slider Revolution plugin version 4.1.2 suffers from a directory traversal vulnerability.
d3b71e6cca26b526cd8c1ef3f9be1a645c838d5b2349fa4c8be240892908d108
WordPress Slider Revolution plugin version 3.0.8 suffers from a directory traversal vulnerability.
129c075ad285b288723e5f16312e3c90c87bccd10a3436f09ab9fdb5cfb03d53
Hughes Satellite Router contains a cross-frame scripting via remote file inclusion vulnerability that may potentially be exploited by malicious users to compromise an affected system. This vulnerability may allow an unauthenticated malicious user to misuse frames, include JS/HTML code and steal sensitive information from legitimate users of the application. Affected versions include HX200 8.3.1.14, HX90 6.11.0.5, HX50L 6.10.0.18, HN9460 8.2.0.48, and HN7000S 6.9.0.37.
01732a937c344613efd7c1ef744f546511c874deecd845ef0ca2d232baf0e177
ILIAS eLearning versions 7.15 and below suffer from authenticated command injection, persistent cross site scripting, local file inclusion, and open redirection vulnerabilities.
ee31da97db0bda4a3b42019ff3e199e34d24625e0b83fa1d18f2b97da9c2728c
A directory traversal vulnerability in the SevenZipFile.extractall() function of the python library py7zr versions 0.20.0 and earlier allows attackers to read arbitrary files on the local machine via a malicious 7z file extraction.
7aa7ca72652dab91234127d8332a19316f0f61be17e1c626e65aae18d9435347
Drupal H5P Module versions 2.0.0 and below suffer from a traversal vulnerability when handling a zipped filename on windows.
29cd61d23f4b78dbb93cdc479cba570c70b094e72db31910170d0c3eb73d58f8
AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 suffers from a path traversal vulnerability.
a78de92013681ef6d9eab5f28cda6712397f5a30d67a7a27854785925a87f96a
SAP Manufacturing Execution Core versions 15.1 through 15.3 suffer from a path traversal vulnerability.
d2c66b61de7a4021d8a7f4c40b09c163f1f708ce3aa8581767e5edaefd4cc198
PhotoSync version 4.7 suffers from a local file inclusion vulnerability.
f5e6b3cd183e91afacf647b3547160e0d93026087e059f1843c8761cd5e32985
Owlfiles File Manager version 12.0.1 suffers from local file inclusion and path traversal vulnerabilities.
5e1df728b64bebf1797218fca034b9eeed532e773c31131307d679d65b406b40
InTouch Access Anywhere Secure Gateway versions 2020 R2 and below suffer from a path traversal vulnerability.
c9873dff912c339fc99f6c1c0d26c32ecee59d977893de8864d051af5bba5038
@Drive version 2.8 suffers from a local file inclusion vulnerability.
1c242342304c59d9a82db2eb45e80f971e783004a6b81e805655fb5adc09c690
FE File Explorer version 11.0.4 suffers from a local file inclusion vulnerability.
9596719bde6a381ce9f18435b2517e8ecf2d1838ab031974d2c37d361f760254
FTPManager version 8.2 suffers from local file inclusion and directory traversal vulnerabilities.
3e761447e17269780279f6f239a28cde76f4d7d642e4fd2bf87303f7df3f583c
Wifi HD Wireless Disk Drive version 11 suffers from a local file inclusion vulnerability.
b20518edc15d62d991e82375c15b066d88b50865b9271eeedc4ac3a8e580a204