Total
6521 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-44674 | 1 Opmantek | 1 Open-audit | 2024-08-04 | 6.5 Medium |
| An information exposure issue has been discovered in Opmantek Open-AudIT 4.2.0. The vulnerability allows an authenticated attacker to read file outside of the restricted directory. | ||||
| CVE-2021-44664 | 1 Xerte | 1 Xerte | 2024-08-04 | 8.8 High |
| An Authenticated Remote Code Exection (RCE) vulnerability exists in Xerte through 3.9 in website_code/php/import/fileupload.php by uploading a maliciously crafted PHP file though the project interface disguised as a language file to bypasses the upload filters. Attackers can manipulate the files destination by abusing path traversal in the 'mediapath' variable. | ||||
| CVE-2021-44519 | 1 Citrix | 1 Xenmobile Server | 2024-08-04 | 8.8 High |
| In Citrix XenMobile Server through 10.12 RP9, there is an Authenticated Directory Traversal vulnerability, leading to remote code execution. | ||||
| CVE-2021-44586 | 1 Dst-admin Project | 1 Dst-admin | 2024-08-04 | 7.5 High |
| An issue was discovered in dst-admin v1.3.0. The product has an unauthorized arbitrary file download vulnerability that can expose sensitive information. | ||||
| CVE-2021-44232 | 1 Sap | 1 Saf-t Framework | 2024-08-04 | 7.7 High |
| SAF-T Framework Transaction SAFTN_G allows an attacker to exploit insufficient validation of path information provided by normal user, leading to full server directory access. The attacker can see the whole filesystem structure but cannot overwrite, delete, or corrupt arbitrary files on the server. | ||||
| CVE-2021-44351 | 1 Naviwebs | 1 Navigate Cms | 2024-08-04 | 7.5 High |
| An arbitrary file read vulnerability exists in NavigateCMS 2.9 via /navigate/navigate_download.php id parameter. | ||||
| CVE-2021-44278 | 1 Librenms | 1 Librenms | 2024-08-04 | 9.8 Critical |
| Librenms 21.11.0 is affected by a path manipulation vulnerability in includes/html/pages/device/showconfig.inc.php. | ||||
| CVE-2021-44138 | 1 Caucho | 1 Resin | 2024-08-04 | 7.5 High |
| There is a Directory traversal vulnerability in Caucho Resin, as distributed in Resin 4.0.52 - 4.0.56, which allows remote attackers to read files in arbitrary directories via a ; in a pathname within an HTTP request. | ||||
| CVE-2021-44124 | 1 Hiby | 2 R3 Pro, R3 Pro Firmware | 2024-08-04 | 7.5 High |
| Hiby Music Hiby OS R3 Pro 1.5 and 1.6 is vulnerable to Directory Traversal. The HTTP Server does not have enough input data sanitization when shown data from SD Card, an attacker can navigate through the device's File System over HTTP. | ||||
| CVE-2021-43674 | 1 Thinkupapp | 1 Thinkup | 2024-08-04 | 9.8 Critical |
| ThinkUp 2.0-beta.10 is affected by a path manipulation vulnerability in Smarty.class.php. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2021-44111 | 1 S-cart | 1 S-cart | 2024-08-04 | 4.4 Medium |
| A Directory Traversal vulnerability exists in S-Cart 6.7 via download in sc-admin/backup. | ||||
| CVE-2021-43930 | 1 Smartptt | 1 Smartptt Scada | 2024-08-04 | 4.9 Medium |
| Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate download requests, enabling malicious users to perform path traversal attacks and potentially download arbitrary files from the system. | ||||
| CVE-2021-43840 | 1 Discourse | 1 Message Bus | 2024-08-04 | 4.4 Medium |
| message_bus is a messaging bus for Ruby processes and web clients. In versions prior to 3.3.7 users who deployed message bus with diagnostics features enabled (default off) are vulnerable to a path traversal bug, which could lead to disclosure of secret information on a machine if an unintended user were to gain access to the diagnostic route. The impact is also greater if there is no proxy for your web application as the number of steps up the directories is not bounded. For deployments which uses a proxy, the impact varies. For example, If a request goes through a proxy like Nginx with `merge_slashes` enabled, the number of steps up the directories that can be read is limited to 3 levels. This issue has been patched in version 3.3.7. Users unable to upgrade should ensure that MessageBus::Diagnostics is disabled. | ||||
| CVE-2021-43836 | 1 Sulu | 1 Sulu | 2024-08-04 | 8.5 High |
| Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions an attacker can read arbitrary local files via a PHP file include. In a default configuration this also leads to remote code execution. The problem is patched with the Versions 1.6.44, 2.2.18, 2.3.8, 2.4.0. For users unable to upgrade overwrite the service `sulu_route.generator.expression_token_provider` and wrap the translator before passing it to the expression language. | ||||
| CVE-2021-43831 | 1 Gradio Project | 1 Gradio | 2024-08-04 | 7.7 High |
| Gradio is an open source framework for building interactive machine learning models and demos. In versions prior to 2.5.0 there is a vulnerability that affects anyone who creates and publicly shares Gradio interfaces. File paths are not restricted and users who receive a Gradio link can access any files on the host computer if they know the file names or file paths. This is limited only by the host operating system. Paths are opened in read only mode. The problem has been patched in gradio 2.5.0. | ||||
| CVE-2021-43813 | 2 Grafana, Redhat | 4 Grafana, Ceph Storage, Enterprise Linux and 1 more | 2024-08-04 | 4.3 Medium |
| Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files with the extension .md to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Users should upgrade to patched versions 8.3.2 or 7.5.12. For users who cannot upgrade, running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths. Alternatively, for fully lowercase or fully uppercase .md files, users can block /api/plugins/.*/markdown/.* without losing any functionality beyond inlined plugin help text. | ||||
| CVE-2021-43788 | 1 Nodebb | 1 Nodebb | 2024-08-04 | 5 Medium |
| Nodebb is an open source Node.js based forum software. Prior to v1.18.5, a path traversal vulnerability was present that allowed users to access JSON files outside of the expected `languages/` directory. The vulnerability has been patched as of v1.18.5. Users are advised to upgrade as soon as possible. | ||||
| CVE-2021-43778 | 1 Glpi-project | 1 Barcode | 2024-08-04 | 9.1 Critical |
| Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability. This issue was patched in version 2.6.1. As a workaround, delete the `front/send.php` file. | ||||
| CVE-2021-43815 | 1 Grafana | 1 Grafana | 2024-08-04 | 4.3 Medium |
| Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability is limited in scope, and only allows access to files with the extension .csv to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Versions 8.3.2 and 7.5.12 contain a patch for this issue. There is a workaround available for users who cannot upgrade. Running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths. | ||||
| CVE-2021-43795 | 1 Linecorp | 1 Armeria | 2024-08-04 | 7.5 High |
| Armeria is an open source microservice framework. In affected versions an attacker can access an Armeria server's local file system beyond its restricted directory by sending an HTTP request whose path contains `%2F` (encoded `/`), such as `/files/..%2Fsecrets.txt`, bypassing Armeria's path validation logic. Armeria 1.13.4 or above contains the hardened path validation logic that handles `%2F` properly. This vulnerability can be worked around by inserting a decorator that performs an additional validation on the request path. | ||||