Search
Total
1401 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-28584 | 1 Magento | 1 Magento | 2021-07-06 | 6.5 MEDIUM | 7.2 HIGH |
| Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a Path Traversal vulnerability when creating a store with child theme.Successful exploitation could lead to arbitrary file system write by an authenticated attacker. Access to the admin console is required for successful exploitation. | |||||
| CVE-2019-14322 | 2 Microsoft, Palletsprojects | 2 Windows, Werkzeug | 2021-07-06 | 5.0 MEDIUM | 7.5 HIGH |
| In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames. | |||||
| CVE-2021-21102 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2021-07-06 | 9.3 HIGH | 8.8 HIGH |
| Adobe Illustrator version 25.2 (and earlier) is affected by a Path Traversal vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-21090 | 2 Adobe, Microsoft | 2 Incopy, Windows | 2021-07-06 | 9.3 HIGH | 8.8 HIGH |
| Adobe InCopy version 16.0 (and earlier) is affected by an path traversal vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-23715 | 1 Webport Cms Project | 1 Webport Cms | 2021-07-02 | 5.0 MEDIUM | 8.6 HIGH |
| Directory Traversal vulnerability in Webport CMS 1.19.10.17121 via the file parameter to file/download. | |||||
| CVE-2021-28588 | 1 Adobe | 1 Robohelp Server | 2021-07-02 | 9.0 HIGH | 8.8 HIGH |
| Adobe RoboHelp Server version 2019.0.9 (and earlier) is affected by a Path Traversal vulnerability when parsing a crafted HTTP POST request. An authenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. | |||||
| CVE-2021-29087 | 1 Synology | 2 Diskstation Manager, Diskstation Manager Unified Controller | 2021-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to write arbitrary files via unspecified vectors. | |||||
| CVE-2016-6321 | 1 Gnu | 1 Tar | 2021-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER. | |||||
| CVE-2021-31538 | 1 Lancom-systems | 6 Lcos Fx, Uf-160, Uf-260 and 3 more | 2021-06-22 | 5.0 MEDIUM | 7.5 HIGH |
| LANCOM R&S Unified Firewall (UF) devices running LCOS FX 10.5 allow Relative Path Traversal. | |||||
| CVE-2020-13818 | 1 Zohocorp | 1 Manageengine Opmanager | 2021-06-22 | 5.0 MEDIUM | 7.5 HIGH |
| In Zoho ManageEngine OpManager before 125144, when <cachestart> is used, directory traversal validation can be bypassed. | |||||
| CVE-2021-34129 | 1 Laiketui | 1 Laiketui | 2021-06-21 | 5.5 MEDIUM | 8.1 HIGH |
| LaikeTui 3.5.0 allows remote authenticated users to delete arbitrary files, as demonstrated by deleting install.lock in order to reinstall the product in an attacker-controlled manner. This deletion is possible via directory traversal in the uploadImg, oldpic, or imgurl parameter. | |||||
| CVE-2021-22762 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-06-15 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in remote code execution, when a malicious CGF or WSP file is being parsed by IGSS Definition. | |||||
| CVE-2021-20517 | 1 Ibm | 1 Websphere Application Server Nd | 2021-06-10 | 6.5 MEDIUM | 8.8 HIGH |
| IBM WebSphere Application Server Network Deployment 8.5 and 9.0 could allow a remote authenticated attacker to traverse directories. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to read and delete arbitrary files on the system. IBM X-Force ID: 198435. | |||||
| CVE-2021-33183 | 1 Synology | 1 Docker | 2021-06-10 | 3.6 LOW | 7.9 HIGH |
| Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability container volume management component in Synology Docker before 18.09.0-0515 allows local users to read or write arbitrary files via unspecified vectors. | |||||
| CVE-2021-29088 | 1 Synology | 1 Diskstation Manager | 2021-06-09 | 4.6 MEDIUM | 7.8 HIGH |
| Improper limitation of a pathname to a restricted directory ('Path Traversal') in cgi component in Synology DiskStation Manager (DSM) before 6.2.4-25553 allows local users to execute arbitrary code via unspecified vectors. | |||||
| CVE-2009-3721 | 2 Gnome, Ytnef Project | 2 Evolution, Ytnef | 2021-06-04 | 6.8 MEDIUM | 7.8 HIGH |
| Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially execute arbitrary code when decoding attachments. | |||||
| CVE-2021-22736 | 1 Schneider-electric | 4 Homelynk, Homelynk Firmware, Spacelynk and 1 more | 2021-06-04 | 5.0 MEDIUM | 7.5 HIGH |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a denial of service when an unauthorized file is uploaded. | |||||
| CVE-2021-22717 | 1 Schneider-electric | 1 C-bus Toolkit | 2021-06-02 | 6.5 MEDIUM | 8.8 HIGH |
| A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when processing config files. | |||||
| CVE-2021-22718 | 1 Schneider-electric | 1 C-bus Toolkit | 2021-06-02 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when restoring project files. | |||||
| CVE-2021-22719 | 1 Schneider-electric | 1 C-bus Toolkit | 2021-06-02 | 6.5 MEDIUM | 8.8 HIGH |
| A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when a file is uploaded. | |||||
| CVE-2021-27461 | 1 Emerson | 8 X-stream Enhanced Xefd, X-stream Enhanced Xefd Firmware, X-stream Enhanced Xegk and 5 more | 2021-05-28 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected webserver applications allow access to stored data that can be obtained by using specially crafted URLs. | |||||
| CVE-2020-21057 | 1 Fusionpbx | 1 Fusionpbx | 2021-05-25 | 5.5 MEDIUM | 8.1 HIGH |
| Directory Traversal vulnerability in FusionPBX 4.5.7, which allows a remote malicious user to delete folders on the system via the folder variable to app/edit/folderdelete.php. | |||||
| CVE-2021-32572 | 1 Specotech | 1 Web Viewer | 2021-05-21 | 5.0 MEDIUM | 7.5 HIGH |
| Speco Web Viewer through 2021-05-12 allows Directory Traversal via GET request for a URI with /.. at the beginning, as demonstrated by reading the /etc/passwd file. | |||||
| CVE-2020-23575 | 1 Kyocera | 2 D-copia253mf Plus, D-copia253mf Plus Firmware | 2021-05-17 | 5.0 MEDIUM | 7.5 HIGH |
| A directory traversal vulnerability exists in Kyocera Printer d-COPIA253MF plus. Successful exploitation of this vulnerability could allow an attacker to retrieve or view arbitrary files from the affected server. | |||||
| CVE-2019-11654 | 1 Microfocus | 1 Verastream Host Integrator | 2021-05-12 | 5.0 MEDIUM | 7.5 HIGH |
| Path traversal vulnerability in Micro Focus Verastream Host Integrator (VHI), versions 7.7 SP2 and earlier, The vulnerability allows remote unauthenticated attackers to read arbitrary files. | |||||
| CVE-2020-36321 | 1 Vaadin | 2 Flow, Vaadin | 2021-05-05 | 5.0 MEDIUM | 7.5 HIGH |
| Improper URL validation in development mode handler in com.vaadin:flow-server versions 2.0.0 through 2.4.1 (Vaadin 14.0.0 through 14.4.2), and 3.0 prior to 5.0 (Vaadin 15 prior to 18) allows attacker to request arbitrary files stored outside of intended frontend resources folder. | |||||
| CVE-2017-1000026 | 1 Progress | 1 Mixlib-archive | 2021-04-30 | 5.0 MEDIUM | 7.5 HIGH |
| Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable to a directory traversal attack allowing attackers to overwrite arbitrary files by using ".." in tar archive entries | |||||
| CVE-2020-7858 | 2 Cdnetworks, Microsoft | 2 Aquanplayer, Windows | 2021-04-29 | 5.0 MEDIUM | 8.6 HIGH |
| There is a directory traversing vulnerability in the download page url of AquaNPlayer 2.0.0.92. The IP of the download page url is localhost and an attacker can traverse directories using "dot dot" sequences(../../) to view host file on the system. This vulnerability can cause information leakage. | |||||
| CVE-2021-29466 | 1 Discord | 1 Discord-recon | 2021-04-27 | 5.0 MEDIUM | 7.5 HIGH |
| Discord-Recon is a bot for the Discord chat service. In versions of Discord-Recon 0.0.3 and prior, a remote attacker is able to read local files from the server that can disclose important information. As a workaround, a bot maintainer can locate the file `app.py` and add `.replace('..', '')` into the `Path` variable inside of the `recon` function. The vulnerability is patched in version 0.0.4. | |||||
| CVE-2021-27278 | 1 Parallels | 1 Parallels Desktop | 2021-04-26 | 4.6 MEDIUM | 8.2 HIGH |
| This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.1-49141. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the current user on the host system. Was ZDI-CAN-12130. | |||||
| CVE-2021-25361 | 1 Google | 1 Android | 2021-04-26 | 7.2 HIGH | 8.8 HIGH |
| An improper access control vulnerability in stickerCenter prior to SMR APR-2021 Release 1 allows local attackers to read or write arbitrary files of system process via untrusted applications. | |||||
| CVE-2016-10183 | 1 Dlink | 2 Dwr-932b, Dwr-932b Firmware | 2021-04-23 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on the D-Link DWR-932B router. qmiweb allows directory listing with ../ traversal. | |||||
| CVE-2016-10184 | 1 Dlink | 2 Dwr-932b, Dwr-932b Firmware | 2021-04-23 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on the D-Link DWR-932B router. qmiweb allows file reading with ..%2f traversal. | |||||
| CVE-2017-15363 | 1 Luracast | 1 Restler | 2021-04-21 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in public/examples/resources/getsource.php in Luracast Restler through 3.0.0, as used in the restler extension before 1.7.1 for TYPO3, allows remote attackers to read arbitrary files via the file parameter. | |||||
| CVE-2017-12637 | 1 Sap | 1 Netweaver Application Server Java | 2021-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the query string, as exploited in the wild in August 2017, aka SAP Security Note 2486657. | |||||
| CVE-2020-24136 | 1 Wcms | 1 Wcms | 2021-04-19 | 7.8 HIGH | 8.6 HIGH |
| Directory traversal in Wcms 0.3.2 allows an attacker to read arbitrary files on the server that is running an application via the pagename parameter to wex/html.php. | |||||
| CVE-2021-20692 | 1 Eikisoft | 1 Archive Collectively Operation Utility | 2021-04-12 | 5.8 MEDIUM | 7.1 HIGH |
| Directory traversal vulnerability in Archive collectively operation utility Ver.2.10.1.0 and earlier allows an attacker to create or overwrite files by leading a user to expand a malicious ZIP archives. | |||||
| CVE-2021-28172 | 1 Deltaflow Project | 1 Deltaflow | 2021-04-09 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Path Traversal vulnerability in the file download function of Vangene deltaFlow E-platform. Remote attackers can access credential data with this leakage. | |||||
| CVE-2021-27272 | 1 Netgear | 1 Prosafe Network Management System | 2021-03-30 | 7.5 HIGH | 7.1 HIGH |
| This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ReportTemplateController class. When parsing the path parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-12123. | |||||
| CVE-2021-27276 | 1 Netgear | 1 Prosafe Network Management System | 2021-03-30 | 5.5 MEDIUM | 7.1 HIGH |
| This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the MibController class. When parsing the realName parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-12122. | |||||
| CVE-2021-27275 | 1 Netgear | 1 Prosafe Network Management System | 2021-03-30 | 6.5 MEDIUM | 8.3 HIGH |
| This vulnerability allows remote attackers to disclose sensitive information and delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ConfigFileController class. When parsing the realName parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose sensitive information or to create a denial-of-service condition on the system. Was ZDI-CAN-12125. | |||||
| CVE-2021-1435 | 1 Cisco | 1 Ios Xe | 2021-03-29 | 9.0 HIGH | 7.2 HIGH |
| A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject arbitrary commands that can be executed as the root user. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to the web UI of an affected device with arbitrary commands injected into a portion of the request. A successful exploit could allow the attacker to execute arbitrary commands as the root user. | |||||
| CVE-2020-26279 | 1 Protocol | 1 Go-ipfs | 2021-03-27 | 5.5 MEDIUM | 8.1 HIGH |
| go-ipfs is an open-source golang implementation of IPFS which is a global, versioned, peer-to-peer filesystem. In go-ipfs before version 0.8.0-rc1, it is possible for path traversal to occur with DAGs containing relative paths during retrieval. This can cause files to be overwritten, or written to incorrect output directories. The issue can only occur when a get is done on an affected DAG. This is fixed in version 0.8.0-rc1. | |||||
| CVE-2020-10584 | 1 Invigo | 1 Automatic Device Management | 2021-03-26 | 5.0 MEDIUM | 7.5 HIGH |
| A directory traversal on the /admin/search_by.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to read arbitrary server files accessible to the user running the application. | |||||
| CVE-2020-10579 | 1 Invigo | 1 Automatic Device Management | 2021-03-26 | 5.0 MEDIUM | 7.5 HIGH |
| A directory traversal on the /admin/sysmon.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to list the content of arbitrary server directories accessible to the user running the application. | |||||
| CVE-2020-27871 | 1 Solarwinds | 1 Orion Platform | 2021-03-26 | 9.0 HIGH | 7.2 HIGH |
| This vulnerability allows remote attackers to create arbitrary files on affected installations of SolarWinds Orion Platform 2020.2.1. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within VulnerabilitySettings.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-11902. | |||||
| CVE-2021-21357 | 1 Typo3 | 1 Typo3 | 2021-03-26 | 6.5 MEDIUM | 8.3 HIGH |
| TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 8.7.40, 9.5.25, 10.4.14, 11.1.1 due to improper input validation, attackers can by-pass restrictions of predefined options and submit arbitrary data in the Form Designer backend module of the Form Framework. In the default configuration of the Form Framework this allows attackers to explicitly allow arbitrary mime-types for file uploads - however, default _fileDenyPattern_ successfully blocked files like _.htaccess_ or _malicious.php_. Besides that, attackers can persist those files in any writable directory of the corresponding TYPO3 installation. A valid backend user account with access to the form module is needed to exploit this vulnerability. This is fixed in versions 8.7.40, 9.5.25, 10.4.14, 11.1.1. | |||||
| CVE-2021-20218 | 1 Redhat | 9 A-mq Online, Build Of Quarkus, Codeready Studio and 6 more | 2021-03-25 | 5.8 MEDIUM | 7.4 HIGH |
| A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client `copy` command to extract files outside the working path. The highest threat from this vulnerability is to integrity and system availability. This has been fixed in kubernetes-client-4.13.2 kubernetes-client-5.0.2 kubernetes-client-4.11.2 kubernetes-client-4.7.2 | |||||
| CVE-2017-1000170 | 1 Jqueryfiletree Project | 1 Jqueryfiletree | 2021-03-25 | 5.0 MEDIUM | 7.5 HIGH |
| jqueryFileTree 2.1.5 and older Directory Traversal | |||||
| CVE-2019-10161 | 2 Canonical, Redhat | 5 Ubuntu Linux, Enterprise Linux, Libvirt and 2 more | 2021-03-25 | 7.2 HIGH | 7.8 HIGH |
| It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause denial of service or cause libvirtd to execute arbitrary programs. | |||||