Total
6517 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-26299 | 1 Ftp-srv Project | 1 Ftp-srv | 2024-08-04 | 6.3 Medium |
| ftp-srv is an open-source FTP server designed to be simple yet configurable. In ftp-srv before version 4.4.0 there is a path-traversal vulnerability. Clients of FTP servers utilizing ftp-srv hosted on Windows machines can escape the FTP user's defined root folder using the expected FTP commands, for example, CWD and UPDR. When windows separators exist within the path (`\`), `path.resolve` leaves the upper pointers intact and allows the user to move beyond the root folder defined for that user. We did not take that into account when creating the path resolve function. The issue is patched in version 4.4.0 (commit 457b859450a37cba10ff3c431eb4aa67771122e3). | ||||
| CVE-2020-26279 | 1 Protocol | 1 Go-ipfs | 2024-08-04 | 7.7 High |
| go-ipfs is an open-source golang implementation of IPFS which is a global, versioned, peer-to-peer filesystem. In go-ipfs before version 0.8.0-rc1, it is possible for path traversal to occur with DAGs containing relative paths during retrieval. This can cause files to be overwritten, or written to incorrect output directories. The issue can only occur when a get is done on an affected DAG. This is fixed in version 0.8.0-rc1. | ||||
| CVE-2020-26285 | 1 Openmage | 1 Openmage | 2024-08-04 | 8.7 High |
| OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, there is a vulnerability which enables remote code execution. In affected versions an administrator with permission to import/export data and to create widget instances was able to inject an executable file on the server. The latest OpenMage Versions up from 19.4.9 and 20.0.5 have this Issue solved | ||||
| CVE-2020-26252 | 1 Openmage | 1 Openmage | 2024-08-04 | 8.7 High |
| OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.6, there is a vulnerability which enables remote code execution. In affected versions an administrator with permission to update product data to be able to store an executable file on the server and load it via layout xml. The latest OpenMage Versions up from 19.4.10 and 20.0.6 have this issue solved. | ||||
| CVE-2020-26295 | 1 Openmage | 1 Openmage | 2024-08-04 | 8.7 High |
| OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, an administrator with permission to import/export data and to edit cms pages was able to inject an executable file on the server via layout xml. The latest OpenMage Versions up from 19.4.9 and 20.0.5 have this Issue solved | ||||
| CVE-2020-25985 | 1 Monocms | 1 Monocms | 2024-08-04 | 8.1 High |
| MonoCMS Blog 1.0 is affected by: Arbitrary File Deletion. Any authenticated user can delete files on and off the webserver (php files can be unlinked and not deleted). | ||||
| CVE-2020-25873 | 1 Baijiacms Project | 1 Baijiacms | 2024-08-04 | 6.5 Medium |
| A directory traversal vulnerability in the component system/manager/class/web/database.php was discovered in Baijiacms V4 which allows attackers to arbitrarily delete folders on the server via the "id" parameter. | ||||
| CVE-2020-25872 | 1 Frogcms Project | 1 Frogcms | 2024-08-04 | 4.9 Medium |
| A vulnerability exists within the FileManagerController.php function in FrogCMS 0.9.5 which allows an attacker to perform a directory traversal attack via a GET request urlencode parameter. | ||||
| CVE-2020-25881 | 1 Ranko | 1 Rkcms | 2024-08-04 | 5.5 Medium |
| A vulnerability was discovered in the filename parameter in pathindex.php?r=cms-backend/attachment/delete&sub=&filename=../../../../111.txt&filetype=image/jpeg of the master version of RKCMS. This vulnerability allows for an attacker to perform a directory traversal via a crafted .txt file. | ||||
| CVE-2020-25780 | 1 Commvault | 1 Commcell | 2024-08-04 | 7.5 High |
| In CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13, Directory Traversal can occur such that an attempt to view a log file can instead view a file outside of the log-files folder. | ||||
| CVE-2020-25734 | 1 Webtareas Project | 1 Webtareas | 2024-08-04 | 5.3 Medium |
| webTareas through 2.1 allows files/Default/ Directory Listing. | ||||
| CVE-2020-25623 | 1 Erlang | 1 Erlang\/otp | 2024-08-04 | 7.5 High |
| Erlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Directory Traversal. An attacker can send a crafted HTTP request to read arbitrary files, if httpd in the inets application is used. | ||||
| CVE-2020-25540 | 1 Thinkadmin | 1 Thinkadmin | 2024-08-04 | 7.5 High |
| ThinkAdmin v6 is affected by a directory traversal vulnerability. An unauthorized attacker can read arbitrarily file on a remote server via GET request encode parameter. | ||||
| CVE-2020-25617 | 1 Solarwinds | 1 N-central | 2024-08-04 | 8.8 High |
| An issue was discovered in SolarWinds N-Central 12.3.0.670. The AdvancedScripts HTTP endpoint allows Relative Path Traversal by an authenticated user of the N-Central Administration Console (NAC), leading to execution of OS commands as root. | ||||
| CVE-2020-25248 | 1 Hyland | 1 Onbase | 2024-08-04 | 7.5 High |
| An issue was discovered in Hyland OnBase through 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. Directory traversal exists for reading files, as demonstrated by the FileName parameter. | ||||
| CVE-2020-25237 | 1 Siemens | 2 Sinec Network Management System, Sinema Server | 2024-08-04 | 8.1 High |
| A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1 Update 1), SINEMA Server (All versions < V14.0 SP2 Update 2). When uploading files to an affected system using a zip container, the system does not correctly check if the relative file path of the extracted files is still within the intended target directory. With this an attacker could create or overwrite arbitrary files on an affected system. This type of vulnerability is also known as 'Zip-Slip'. (ZDI-CAN-12054) | ||||
| CVE-2020-25247 | 1 Hyland | 1 Onbase | 2024-08-04 | 7.5 High |
| An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. Directory traversal exists for writing to files, as demonstrated by the FileName parameter. | ||||
| CVE-2020-25243 | 1 Siemens | 1 Logo\! Soft Comfort | 2024-08-04 | 5.1 Medium |
| A vulnerability has been identified in LOGO! Soft Comfort (All versions < V8.4). A zip slip vulnerability could be triggered while importing a compromised project file to the affected software. Chained with other vulnerabilities this vulnerability could ultimately lead to a system takeover by an attacker. | ||||
| CVE-2020-25176 | 3 Rockwellautomation, Schneider-electric, Xylem | 31 Aadvance Controller, Isagraf Free Runtime, Isagraf Runtime and 28 more | 2024-08-04 | 9.1 Critical |
| Some commands used by the Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x eXchange Layer (IXL) protocol perform various file operations in the file system. Since the parameter pointing to the file name is not checked for reserved characters, it is possible for a remote, unauthenticated attacker to traverse an application’s directory, which could lead to remote code execution. | ||||
| CVE-2020-25145 | 1 Observium | 1 Observium | 2024-08-04 | 8.8 High |
| An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to directory traversal and local file inclusion due to the fact that there is an unrestricted possibility of loading any file with an inc.php extension. Inclusion of other files (even though limited to the mentioned extension) can lead to Remote Code Execution. This can occur via /device/device=345/?tab=ports&view=../ URIs because of device/port.inc.php. | ||||