Filtered by CWE-28
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-2059 1 Dedecms 1 Dedecms 2024-08-02 4.3 Medium
A vulnerability was found in DedeCMS 5.7.87. It has been rated as problematic. Affected by this issue is some unknown functionality of the file uploads/include/dialog/select_templets.php. The manipulation leads to path traversal: '..\filedir'. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225944.
CVE-2024-27810 2024-08-02 9.8 Critical
A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to read sensitive location information.