Medium
CVSS: 5.3
Swing Music is a self-hosted music player for local audio files. Prior to version 2.1.4, Swing Music's `list_folders()` function in the `/folder/dir-browser` endpoint is vulnerable to directory traversal attacks. Any authenticated user (inc…
Critical
CVSS: 9.1
Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/certsupload.cgi /../ directory traversal for file upload with resultant code execution.
Low
CVSS: 3.3
Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability.