Total
6446 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-16193 | 1 Mfrs Project | 1 Mfrs | 2024-09-16 | N/A |
mfrs is a static file server. mfrs is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | ||||
CVE-2021-23427 | 1 Elfinder.netcore Project | 1 Elfinder.netcore | 2024-09-16 | 8.6 High |
This affects all versions of package elFinder.NetCore. The ExtractAsync function within the FileSystem is vulnerable to arbitrary extraction due to insufficient validation. | ||||
CVE-2021-26086 | 1 Atlassian | 2 Jira Data Center, Jira Server | 2024-09-16 | 5.3 Medium |
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint. The affected versions are before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.16.1. | ||||
CVE-2017-8297 | 1 Simple-file-manager Project | 1 Simple-file-manager | 2024-09-16 | N/A |
A path traversal vulnerability exists in simple-file-manager before 2017-04-26, affecting index.php (the sole "Simple PHP File Manager" component). | ||||
CVE-2017-16164 | 1 Desafio Project | 1 Desafio | 2024-09-16 | N/A |
desafio is a simple web server. desafio is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url, but is limited to accessing only .html files. | ||||
CVE-2014-9734 | 1 Themepunch | 1 Slider Revolution | 2024-09-16 | N/A |
Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php. | ||||
CVE-2017-16169 | 1 Looppake Project | 1 Looppake | 2024-09-16 | N/A |
looppake is a simple http server. looppake is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | ||||
CVE-2017-16167 | 1 Yyooopack Project | 1 Yyooopack | 2024-09-16 | N/A |
yyooopack is a simple file server. yyooopack is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | ||||
CVE-2009-3284 | 1 Phpspot | 6 Php \& Css Bbs, Php Bbs, Php Bbs Ce and 3 more | 2024-09-16 | N/A |
Directory traversal vulnerability in phpspot PHP BBS, PHP Image Capture BBS, PHP & CSS BBS, PHP BBS CE, PHP_RSS_Builder, and webshot, dated before 20090914, allows remote attackers to read arbitrary files via unspecified vectors. | ||||
CVE-2020-3440 | 1 Cisco | 1 Webex Meetings | 2024-09-16 | 6.5 Medium |
A vulnerability in Cisco Webex Meetings Desktop App for Windows could allow an unauthenticated, remote attacker to overwrite arbitrary files on an end-user system. The vulnerability is due to improper validation of URL parameters that are sent from a website to the affected application. An attacker could exploit this vulnerability by persuading a user to follow a URL to a website that is designed to submit crafted input to the affected application. A successful exploit could allow the attacker to overwrite arbitrary files on the affected system, possibly corrupting or deleting critical system files. | ||||
CVE-2018-15695 | 1 Asustor | 1 Data Master | 2024-09-16 | N/A |
ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to delete any file on the file system due to a path traversal vulnerability in wallpaper.cgi. | ||||
CVE-2017-0930 | 1 Augustine Project | 1 Augustine | 2024-09-16 | N/A |
augustine node module suffers from a Path Traversal vulnerability due to lack of validation of url, which allows a malicious user to read content of any file with known path. | ||||
CVE-2013-5979 | 1 Springsignage | 1 Xibo | 2024-09-16 | N/A |
Directory traversal vulnerability in Spring Signage Xibo 1.2.x before 1.2.3 and 1.4.x before 1.4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter to index.php. | ||||
CVE-2020-27128 | 1 Cisco | 1 Sd-wan | 2024-09-16 | 6.5 Medium |
A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to write arbitrary files to an affected system. The vulnerability is due to improper validation of requests to APIs. An attacker could exploit this vulnerability by sending malicious requests to an API within the affected application. A successful exploit could allow the attacker to conduct directory traversal attacks and write files to an arbitrary location on the targeted system. | ||||
CVE-2019-3720 | 1 Dell | 1 Emc Openmanage Server Administrator | 2024-09-16 | 4.9 Medium |
Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain a Directory Traversal Vulnerability. A remote authenticated malicious user with admin privileges could potentially exploit this vulnerability to gain unauthorized access to the file system by exploiting insufficient sanitization of input parameters. | ||||
CVE-2010-1492 | 1 Palosanto | 1 Elastix | 2024-09-16 | N/A |
Directory traversal vulnerability in help/frameRight.php in Elastix 1.6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id_nodo parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
CVE-2011-4880 | 1 Atvise | 1 Webmi2ads | 2024-09-16 | N/A |
Directory traversal vulnerability in the web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to read arbitrary files via a crafted HTTP request. | ||||
CVE-2022-38418 | 1 Adobe | 1 Coldfusion | 2024-09-16 | 9.8 Critical |
Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. | ||||
CVE-2013-1081 | 1 Novell | 1 Zenworks Mobile Management | 2024-09-16 | N/A |
Directory traversal vulnerability in MDM.php in Novell ZENworks Mobile Management (ZMM) 2.6.1 and 2.7.0 allows remote attackers to include and execute arbitrary local files via the language parameter. | ||||
CVE-2018-20610 | 1 Txjia | 1 Imcat | 2024-09-16 | N/A |
imcat 4.4 allows directory traversal via the root/run/adm.php efile parameter. |