A vulnerability was found in rickxy Stock Management System and classified as problematic.php?action=add. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
When using tasks to read config files, there is a risk of database password disclosure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A path traversal vulnerability was discovered in Pilz PASvisu Server before 1.12.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A directory traversal vulnerability in the ZIP archive extraction routines of KNIME Server since 4.3.0 can result in arbitrary files being overwritten on the server's file system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.
A directory traversal vulnerability in the ZIP archive extraction routines of KNIME Analytics Platform 3.2.0 and above can result in arbitrary files being overwritten on the user's system. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.