Total
6517 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-24136 | 1 Wcms | 1 Wcms | 2024-08-04 | 8.6 High |
Directory traversal in Wcms 0.3.2 allows an attacker to read arbitrary files on the server that is running an application via the pagename parameter to wex/html.php. | ||||
CVE-2020-24102 | 2024-08-04 | 7.6 High | ||
Directory Traversal vulnerability in Punkbuster pbsv.d64 2.351, allows remote attackers to execute arbitrary code. | ||||
CVE-2020-24144 | 1 Media File Organizer Project | 1 Media File Organizer | 2024-08-04 | 8.6 High |
Directory traversal in the Media File Organizer (aka media-file-organizer) plugin 1.0.1 for WordPress lets an attacker get access to files that are stored outside the web root folder via the items[] parameter in a move operation. | ||||
CVE-2020-24146 | 1 Cminds | 1 Cm Download Manager | 2024-08-04 | 8.1 High |
Directory traversal in the CM Download Manager (aka cm-download-manager) plugin 2.7.0 for WordPress allows authorized users to delete arbitrary files and possibly cause a denial of service via the fileName parameter in a deletescreenshot action. | ||||
CVE-2020-24137 | 1 Wcms | 1 Wcms | 2024-08-04 | 5.3 Medium |
Directory traversal vulnerability in Wcms 0.3.2 allows an attacker to read arbitrary files on the server that is running an application via the path parameter to wex/cssjs.php. | ||||
CVE-2020-24143 | 1 Ninjateam | 1 Video Downloader For Tiktok | 2024-08-04 | 7.5 High |
Directory traversal in the Video Downloader for TikTok (aka downloader-tiktok) plugin 1.3 for WordPress lets an attacker get access to files that are stored outside the web root folder via the njt-tk-download-video parameter. | ||||
CVE-2020-23766 | 1 Htmly | 1 Htmly | 2024-08-04 | 6.5 Medium |
An arbitrary file deletion vulnerability was discovered on htmly v2.7.5 which allows remote attackers to use any absolute path to delete any file in the server should they gain Administrator privileges. | ||||
CVE-2020-23715 | 1 Webport Cms Project | 1 Webport Cms | 2024-08-04 | 8.6 High |
Directory Traversal vulnerability in Webport CMS 1.19.10.17121 via the file parameter to file/download. | ||||
CVE-2020-23575 | 1 Kyocera | 2 D-copia253mf Plus, D-copia253mf Plus Firmware | 2024-08-04 | 7.5 High |
A directory traversal vulnerability exists in Kyocera Printer d-COPIA253MF plus. Successful exploitation of this vulnerability could allow an attacker to retrieve or view arbitrary files from the affected server. | ||||
CVE-2020-23172 | 1 Kuba Project | 1 Kuba | 2024-08-04 | 5.5 Medium |
A vulnerability in all versions of Kuba allows attackers to overwrite arbitrary files in arbitrary directories with crafted Zip files due to improper validation of file paths in .zip archives. | ||||
CVE-2020-23069 | 1 Webtareas Project | 1 Webtareas | 2024-08-04 | 6.5 Medium |
Path Traversal vulneraility exists in webTareas 2.0 via the extpath parameter in general_serv.php, which could let a malicious user read arbitrary files. | ||||
CVE-2020-23161 | 1 Pyres | 2 Termod4, Termod4 Firmware | 2024-08-04 | 6.5 Medium |
Local file inclusion in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to traverse directories and read sensitive files via the Maintenance > Logs menu and manipulating the file-path in the URL. | ||||
CVE-2020-23040 | 1 Sky File Project | 1 Sky File | 2024-08-04 | 7.5 High |
Sky File v2.1.0 contains a directory traversal vulnerability in the FTP server which allows attackers to access sensitive data and files via 'null' path commands. | ||||
CVE-2020-23061 | 1 Dropouts | 1 Super Backup | 2024-08-04 | 7.5 High |
Dropouts Technologies LLP Super Backup v2.0.5 was discovered to contain an issue in the path parameter of the `list` and `download` module which allows attackers to perform a directory traversal via a change to the path variable to request the local list command. | ||||
CVE-2020-23038 | 1 Kumilabs | 1 Swift File Transfer | 2024-08-04 | 7.5 High |
Swift File Transfer Mobile v1.1.2 and below was discovered to contain an information disclosure vulnerability in the path parameter. This vulnerability is exploited via an error caused by including non-existent path environment variables. | ||||
CVE-2020-22550 | 1 Veno File Manager Project | 1 Veno File Manager | 2024-08-04 | 7.5 High |
Veno File Manager 3.5.6 is affected by a directory traversal vulnerability. Using the traversal allows an attacker to download sensitive files from the server. | ||||
CVE-2020-22623 | 1 Insightsoftware | 1 Jreport | 2024-08-04 | 7.5 High |
Directory traversal vulnerability in Jinfornet Jreport 15.6 allows unauthenticated attackers to gain sensitive information. | ||||
CVE-2020-22200 | 1 Phpcms | 1 Phpcms | 2024-08-04 | 5.3 Medium |
Directory Traversal vulnerability in phpCMS 9.1.13 via the q parameter to public_get_suggest_keyword. | ||||
CVE-2020-21862 | 1 Duxcms Project | 1 Duxcms | 2024-08-04 | 8.1 High |
Directory traversal vulnerability in DuxCMS 2.1 allows attackers to delete arbitrary files via /admin/AdminBackup/del. | ||||
CVE-2020-21590 | 1 Wuzhicms | 1 Wuzhicms | 2024-08-04 | 4.3 Medium |
Directory traversal in coreframe/app/template/admin/index.php in WUZHI CMS 4.1.0 allows attackers to list files in arbitrary directories via the dir parameter. |