Total
6513 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-5887 | 1 Shopxo | 1 Shopxo | 2024-08-04 | N/A |
An issue was discovered in ShopXO 1.2.0. In the UnlinkDir method of the FileUtil.php file, the input parameters are not checked, resulting in input mishandling by the rmdir method. Attackers can delete arbitrary files by using "../" directory traversal. | ||||
CVE-2019-5927 | 1 Weban | 1 An | 2024-08-04 | N/A |
Directory traversal vulnerability in 'an' App for iOS Version 3.2.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors. | ||||
CVE-2019-5910 | 1 Housegate | 1 House Gate | 2024-08-04 | N/A |
Directory traversal vulnerability in HOUSE GATE App for iOS 1.7.8 and earlier allows remote attackers to read arbitrary files via unspecified vectors. | ||||
CVE-2019-5936 | 1 Cybozu | 1 Garoon | 2024-08-04 | N/A |
Directory traversal vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to obtain files without access privileges via the application 'Work Flow'. | ||||
CVE-2019-5923 | 1 Ichain | 1 Insurance Wallet | 2024-08-04 | N/A |
Directory traversal vulnerability in iChain Insurance Wallet App for iOS Version 1.3.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors. | ||||
CVE-2019-5418 | 5 Debian, Fedoraproject, Opensuse and 2 more | 8 Debian Linux, Fedora, Leap and 5 more | 2024-08-04 | 7.5 High |
There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed. | ||||
CVE-2019-5480 | 1 Statichttpserver Project | 1 Statichttpserver | 2024-08-04 | N/A |
A path traversal vulnerability in <= v0.9.7 of statichttpserver npm module allows attackers to list files in arbitrary folders. | ||||
CVE-2019-5484 | 1 Bower | 1 Bower | 2024-08-04 | 7.5 High |
Bower before 1.8.8 has a path traversal vulnerability permitting file write in arbitrary locations via install command, which allows attackers to write arbitrary files when a malicious package is extracted. | ||||
CVE-2019-5423 | 1 Http-live-simulator Project | 1 Http-live-simulator | 2024-08-04 | N/A |
Path traversal vulnerability in http-live-simulator npm package version 1.0.5 allows arbitrary path to be accessed on the file system by a remote attacker. | ||||
CVE-2019-5447 | 1 Http-file-server Project | 1 Http-file-server | 2024-08-04 | 5.3 Medium |
A path traversal vulnerability in <= v0.2.6 of http-file-server npm module allows attackers to list files in arbitrary folders. | ||||
CVE-2019-5438 | 1 Harpjs | 1 Harp | 2024-08-04 | 5.3 Medium |
Path traversal using symlink in npm harp module versions <= 0.29.0. | ||||
CVE-2019-5444 | 1 Serve-here.js Project | 1 Serve-here.js | 2024-08-04 | 5.3 Medium |
Path traversal vulnerability in version up to v1.1.3 in serve-here.js npm module allows attackers to list any file in arbitrary folder. | ||||
CVE-2019-5416 | 1 Localhost-now Project | 1 Localhost-now | 2024-08-04 | N/A |
A path traversal vulnerability in localhost-now npm package version 1.0.2 allows the attackers to read content of arbitrary files on the remote server. | ||||
CVE-2019-5417 | 1 Zeit | 1 Serve | 2024-08-04 | N/A |
A path traversal vulnerability in serve npm package version 7.0.1 allows the attackers to read content of arbitrary files on the remote server. | ||||
CVE-2019-5356 | 1 Hp | 1 Intelligent Management Center | 2024-08-04 | N/A |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | ||||
CVE-2019-5251 | 1 Huawei | 18 Enjoy 7s, Enjoy 7s Firmware, Honor 20s and 15 more | 2024-08-04 | 5.5 Medium |
There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure. | ||||
CVE-2019-5221 | 1 Huawei | 2 Mate 20 X, Mate 20 X Firmware | 2024-08-04 | N/A |
There is a path traversal vulnerability on Huawei Share. The software does not properly validate the path, an attacker could crafted a file path when transporting file through Huawei Share, successful exploit could allow the attacker to transport a file to arbitrary path on the phone. Affected products: Mate 20 X versions earlier than Ever-L29B 9.1.0.300(C432E3R1P12), versions earlier than Ever-L29B 9.1.0.300(C636E3R2P1), and versions earlier than Ever-L29B 9.1.0.300(C185E3R3P1). | ||||
CVE-2019-3967 | 1 Open-emr | 1 Openemr | 2024-08-04 | N/A |
In OpenEMR 5.0.1 and earlier, the patient file download interface contains a directory traversal flaw that allows authenticated attackers to download arbitrary files from the host system. | ||||
CVE-2019-3943 | 1 Mikrotik | 1 Routeros | 2024-08-04 | 8.1 High |
MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. An authenticated, remote attack can use this vulnerability to read and write files outside of the sandbox directory (/rw/disk). | ||||
CVE-2019-3976 | 1 Mikrotik | 1 Routeros | 2024-08-04 | 8.8 High |
RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below are vulnerable to an arbitrary directory creation vulnerability via the upgrade package's name field. If an authenticated user installs a malicious package then a directory could be created and the developer shell could be enabled. |