CWE-73 (External Control of File Name or Path) — Vulnerability Class 311

311 vulnerabilities classified as CWE-73 (External Control of File Name or Path). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-9142 | Local File Inclusion (LFI) in Olgu Computer Systems' e-Belediye — e-Belediye | 8.2 (AI) | High (AI) | 2024-09-24 |
| CVE-2024-21545 | Proxmox Virtual Environment security vulnerability — pve-manager | 8.2 | High | 2024-09-24 |
| CVE-2024-7626 | WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) <= 1.6.9 - Improper Path Validation to Authenticated (Subscriber+) Arbitrary File Move and Read — WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) | 8.1 | High | 2024-09-11 |
| CVE-2024-8517 | SPIP Bigup Multipart File Upload OS Command Injection — SPIP | 9.8 | Critical | 2024-09-06 |
| CVE-2024-7911 | SourceCodester Simple Online Bidding System index.php file inclusion — Simple Online Bidding System | 6.3 | Medium | 2024-08-18 |
| CVE-2024-38173 | Microsoft Outlook Remote Code Execution Vulnerability — Microsoft Office 2019 | 6.7 | Medium | 2024-08-13 |
| CVE-2024-38165 | Windows Compressed Folder Tampering Vulnerability — Windows 11 version 22H2 | 6.5 | Medium | 2024-08-13 |
| CVE-2024-7497 | itsourcecode Airline Reservation System index.php file inclusion — Airline Reservation System | 6.3 | Medium | 2024-08-06 |
| CVE-2024-7496 | itsourcecode Airline Reservation System index.php file inclusion — Airline Reservation System | 6.3 | Medium | 2024-08-06 |
| CVE-2024-6714 | Ubuntu Desktop Provision security vulnerability — Ubuntu Desktop Provision | 8.8 | High | 2024-07-23 |
| CVE-2024-6937 | formtools.org Form Tools Import Option List edit.php curl_exec file inclusion — Form Tools | 2.7 | Low | 2024-07-21 |
| CVE-2024-6467 | BookingPress Appointment Booking <= 1.1.5 - Authenticated (Subscriber+) Arbitrary File Read to Arbitrary File Creation — Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress | 8.8 | High | 2024-07-17 |
| CVE-2024-39904 | Code Execution Vulnerability via Local File Path Traversal in Vnote — vnote | 8.8 | High | 2024-07-11 |
| CVE-2024-23317 | Gallagher Controller 6000 and Gallagher Controller 7000 security vulnerability — Controller 6000 and Controller 7000 | 6.3 | Medium | 2024-07-11 |
| CVE-2024-37149 | GLPI allows remote code execution through the plugin loader — glpi | 7.2 | High | 2024-07-10 |
| CVE-2024-38049 | Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability — Windows 10 Version 1809 | 6.6 | Medium | 2024-07-09 |
| CVE-2024-39303 | Weblate vulnerable to improper sanitization of project backups — weblate | 4.4 | Medium | 2024-07-01 |
| CVE-2024-5334 | Local File Read in stitionai/devika — stitionai/devika | 7.5 (AI) | High (AI) | 2024-06-27 |
| CVE-2024-27175 | Local File Inclusion — Toshiba Tec e-Studio multi-function peripheral (MFP) | 4.4 | Medium | 2024-06-14 |
| CVE-2024-37295 | Aimeos Core remote code execution in web server context — aimeos-core | 7.2 | High | 2024-06-11 |
| CVE-2024-25975 | Arbitrary File Overwrite — HAWKI | 8.1 (AI) | High (AI) | 2024-05-29 |
| CVE-2024-28826 | Unrestricted upload and download paths in check_sftp — Checkmk | 8.8 | High | 2024-05-29 |
| CVE-2024-20366 | Cisco Crosswork Network Services Orchestrator security vulnerability — Cisco Network Services Orchestrator | 7.8 | High | 2024-05-15 |
| CVE-2024-27945 | Siemens RUGGEDCOM CROSSBOW security vulnerability — RUGGEDCOM CROSSBOW | 7.2 | High | 2024-05-14 |
| CVE-2024-27944 | Siemens RUGGEDCOM CROSSBOW security vulnerability — RUGGEDCOM CROSSBOW | 7.2 | High | 2024-05-14 |
| CVE-2024-27943 | Siemens RUGGEDCOM CROSSBOW security vulnerability — RUGGEDCOM CROSSBOW | 7.2 | High | 2024-05-14 |
| CVE-2024-25965 | Dell PowerScale OneFS security vulnerability — PowerScale OneFS | 6.1 | Medium | 2024-05-14 |
| CVE-2024-4818 | Campcodes Online Laundry Management System index.php file inclusion — Online Laundry Management System | 5.3 | Medium | 2024-05-13 |
| CVE-2024-0100 | CVE — NVIDIA Triton Inference Server | 6.5 | Medium | 2024-05-09 |
| CVE-2024-0087 | CVE — NVIDIA Triton Inference Server | 9.0 | Critical | 2024-05-09 |

Vulnerabilities classified as CWE-73 (External Control of File Name or Path) represent 311 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.