Vulnerabilities (CVE)

Filtered by CWE-22 (Improper Limitation of a Pathname to a Restricted Directory, "Path Traversal")
CVE  #Vendors Vendor(s)  #Products Product(s)  Updated  CVSS v2  CVSS v3
CVE-2019-17312 1 Sugarcrm 1 Sugarcrm 2019-10-09 6.5 MEDIUM 8.8 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the file function by a Regular user.
CVE-2019-17314 1 Sugarcrm 1 Sugarcrm 2019-10-09 6.5 MEDIUM 7.2 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Configurator module by an Admin user.
CVE-2019-17313 1 Sugarcrm 1 Sugarcrm 2019-10-09 6.5 MEDIUM 8.8 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Studio module by a Developer user.
CVE-2019-17175 1 Joyplus-cms Project 1 Joyplus-cms 2019-10-08 5.0 MEDIUM 7.5 HIGH
joyplus-cms 1.6.0 allows manager/admin_pic.php?rootpath= absolute path traversal.
CVE-2019-8291 1 Online Store System Project 1 Online Store System 2019-10-07 6.4 MEDIUM 7.5 HIGH
Online Store System v1.0 delete_file.php doesn't check to see if a user has administrative rights nor does it check for path traversal.
CVE-2014-10073 2 Debian, Wpitchoune 2 Debian Linux, Psensor 2019-10-03 5.0 MEDIUM 7.5 HIGH
The create_response function in server/server.c in Psensor before 1.1.4 allows Directory Traversal because it lacks a check for whether a file is under the webserver directory.
CVE-2017-14849 1 Nodejs 1 Node.js 2019-10-03 5.0 MEDIUM 7.5 HIGH
Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended files, because a change to ".." handling was incompatible with the pathname validation used by unspecified community modules.
CVE-2017-5381 1 Mozilla 1 Firefox 2019-10-03 5.0 MEDIUM 7.5 HIGH
The "export" function in the Certificate Viewer can force local filesystem navigation when the "common name" in a certificate contains slashes, allowing certificate content to be saved in unsafe locations with an arbitrary filename. This vulnerability affects Firefox < 51.
CVE-2018-20144 1 Gitlab 1 Gitlab 2019-10-03 5.0 MEDIUM 7.5 HIGH
GitLab Community and Enterprise Edition 11.x before 11.3.13, 11.4.x before 11.4.11, and 11.5.x before 11.5.4 has Incorrect Access Control.
CVE-2018-15610 1 Avaya 1 Ip Office 2019-10-03 9.0 HIGH 8.8 HIGH
A vulnerability in the one-X Portal component of Avaya IP Office allows an authenticated attacker to read and delete arbitrary files on the system. Affected versions of Avaya IP Office include 9.1 through 9.1 SP12, 10.0 through 10.0 SP7, and 10.1 through 10.1 SP2.
CVE-2018-20714 1 Woocommerce 1 Woocommerce 2019-10-03 5.5 MEDIUM 8.1 HIGH
The logging system of the Automattic WooCommerce plugin before 3.4.6 for WordPress is vulnerable to a File Deletion vulnerability. This allows deletion of woocommerce.php, which leads to certain privilege checks not being in place, and therefore a shop manager can escalate privileges to admin.
CVE-2018-7486 1 Blueriver 1 Muracms 2019-10-03 6.5 MEDIUM 7.2 HIGH
Blue River Mura CMS before v7.0.7029 supports inline function calls with an [m] tag and [/m] end tag, without proper restrictions on file types or pathnames, which allows remote attackers to execute arbitrary code via an [m]$.dspinclude("../pathname/executable.jpeg")[/m] approach, where executable.jpeg contains ColdFusion Markup Language code. This can be exploited in conjunction with a CKFinder feature that allows file upload.
CVE-2017-10993 1 Contao 1 Contao Cms 2019-10-03 6.5 MEDIUM 8.8 HIGH
Contao before 3.5.28 and 4.x before 4.4.1 allows remote attackers to include and execute arbitrary local PHP files via a crafted parameter in a URL, aka Directory Traversal.
CVE-2017-1087 1 Freebsd 1 Freebsd 2019-10-03 4.6 MEDIUM 7.8 HIGH
In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. As a result, a malicious user that has access to a jailed system is able to abuse shared memory by injecting malicious content in the shared memory region. This memory region might be executed by applications trusting the shared memory, like Squid. This issue could lead to a Denial of Service or local privilege escalation.
CVE-2018-1000647 1 Librehealth 1 Librehealth Ehr 2019-10-03 5.5 MEDIUM 7.1 HIGH
LibreHealthIO lh-ehr version REL-2.0.0 contains an Authenticated Unrestricted File Deletion vulnerability in Import template that can result in Denial of Service. This attack appears to be exploitable via a user-controlled parameter.
CVE-2018-1000817 1 Asset Pipeline Project 1 Asset-pipeline 2019-10-03 5.0 MEDIUM 7.5 HIGH
Asset Pipeline Grails Plugin Asset-pipeline plugin versions prior to 2.14.1.1, 2.15.1 and 3.0.6 contain an Incorrect Access Control vulnerability in applications deployed in Jetty that can result in download of .class files and any other arbitrary file. This attack appears to be exploitable via a specially crafted GET request containing directory traversal from the assets-pipeline context. This vulnerability appears to have been fixed in 2.14.1.1 (for Grails 2.x), 2.15.1 (for Grails 3 and Java 7) and 3.0.6 (for Grails 3 and Java 8).
CVE-2018-1000863 2 Jenkins, Redhat 2 Jenkins, Openshift Container Platform 2019-10-03 6.4 MEDIUM 8.2 HIGH
A data modification vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in User.java, IdStrategy.java that allows attackers to submit crafted user names that can cause an improper migration of user record storage formats, potentially preventing the victim from logging into Jenkins.
CVE-2018-11319 2 Debian, Syntastic Project 2 Debian Linux, Syntastic 2019-10-03 8.5 HIGH 7.5 HIGH
Syntastic (aka vim-syntastic) through 3.9.0 does not properly handle searches for configuration files (it searches the current directory up to potentially the root). This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to a directory that is a parent of the base directory of the project being checked. NOTE: exploitation is more difficult after 3.8.0 because filename prediction may be needed.
CVE-2017-18636 1 Esafenet 1 Cdg 2019-10-02 5.0 MEDIUM 7.5 HIGH
CDG through 2017-01-01 allows downloadDocument.jsp?command=download&pathAndName= directory traversal.
CVE-2019-9281 1 Google 1 Android 2019-10-02 5.0 MEDIUM 7.5 HIGH
In GoogleContactsSyncAdapter, there is a possible path traversal due to improper input sanitization. This could lead to a bypass of user interaction requirements with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-32748076.
CVE-2015-9406 1 Mtheme-unus Project 1 Mtheme-unus 2019-09-27 5.0 MEDIUM 7.5 HIGH
Directory traversal vulnerability in the mTheme-Unus theme before 2.3 for WordPress allows an attacker to read arbitrary files via a .. (dot dot) in the files parameter to css/css.php.
CVE-2014-10396 1 Organizedthemes 1 Epic 2019-09-27 5.0 MEDIUM 7.5 HIGH
The epic theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file parameter to includes/download.php.
CVE-2019-13063 1 Sahipro 1 Sahi Pro 2019-09-23 5.0 MEDIUM 7.5 HIGH
Within Sahi Pro 8.0.0, an attacker can send a specially crafted URL to include any victim files on the system via the script parameter on the Script_view page. This will result in file disclosure (i.e., being able to pull any file from the remote victim application). This can be used to steal and obtain sensitive config and other files. This can result in complete compromise of the application. The script parameter is vulnerable to directory traversal and both local and remote file inclusion.
CVE-2014-10397 1 Para 1 Antioch 2019-09-23 5.0 MEDIUM 7.5 HIGH
The Antioch theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file parameter to lib/scripts/download.php.
CVE-2016-10966 1 Creativeinteractivemedia 1 Real3d Flipbook 2019-09-17 5.0 MEDIUM 7.5 HIGH
The real3d-flipbook-lite plugin 1.0 for WordPress has bookName=../ directory traversal for file upload.
CVE-2016-10965 1 Creativeinteractivemedia 1 Real3d Flipbook 2019-09-17 6.4 MEDIUM 7.5 HIGH
The real3d-flipbook-lite plugin 1.0 for WordPress has deleteBook=../ directory traversal for file deletion.
CVE-2019-6783 1 Gitlab 1 Gitlab 2019-09-10 6.5 MEDIUM 8.8 HIGH
An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. GitLab Pages contains a directory traversal vulnerability that could lead to remote command execution.
CVE-2019-12464 1 Librenms 1 Librenms 2019-09-10 6.0 MEDIUM 7.5 HIGH
An issue was discovered in LibreNMS 1.50.1. An authenticated user can perform a directory traversal attack against the /pdf.php file with a partial filename in the report parameter, to cause local file inclusion resulting in code execution.
CVE-2019-16123 1 Kartatopia 1 Piluscart 2019-09-09 5.0 MEDIUM 7.5 HIGH
In Kartatopia PilusCart 1.4.1, the parameter filename in the file catalog.php is mishandled, leading to ../ Local File Disclosure.
CVE-2019-15952 1 Totaljs 1 Total.js Cms 2019-09-06 6.5 MEDIUM 8.8 HIGH
An issue was discovered in Total.js CMS 12.0.0. An authenticated user with the Pages privilege can conduct a path traversal attack (../) to include .html files that are outside the permitted directory. Also, if a page contains a template directive, then the directive will be server side processed. Thus, if a user can control the content of a .html file, then they can inject a payload with a malicious template directive to gain Remote Command Execution. The exploit will work only with the .html extension.
CVE-2019-15323 1 Ad Inserter Project 1 Ad Inserter 2019-09-06 5.0 MEDIUM 7.5 HIGH
The ad-inserter plugin before 2.4.20 for WordPress has path traversal.
CVE-2019-15630 1 Mulesoft 2 Api Gateway, Mule Runtime 2019-09-05 5.0 MEDIUM 7.5 HIGH
Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released before August 1 2019, and all versions of MuleSoft API Gateway released before August 1 2019 allow remote attackers to read files accessible to the Mule process.
CVE-2019-6113 1 Onkyo 2 Tx-nr686, Tx-nr686 Firmware 2019-09-04 5.0 MEDIUM 7.5 HIGH
Directory traversal vulnerability on ONKYO TX-NR686 1030-5000-1040-0010 A/V Receiver devices allows remote attackers to read arbitrary files via a .. (dot dot) and %2f to the default URI.
CVE-2019-11029 1 Mirasys 1 Mirasys Vms 2019-08-30 5.0 MEDIUM 7.5 HIGH
Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Download() method of AutoUpdateService in SMServer.exe, leading to Directory Traversal. An attacker could use ..\ with this method to iterate over lists of interesting system files and download them without previous authentication. This includes SAM-database backups, Web.config files, etc. and might cause a serious impact on confidentiality.
CVE-2019-12791 1 Vestacp 1 Control Panel 2019-08-28 9.0 HIGH 8.8 HIGH
A directory traversal vulnerability in the v-list-user script in Vesta Control Panel 0.9.8-24 allows remote attackers to escalate from regular registered users to root via the password reset form.
CVE-2019-15516 1 Cuberite 1 Cuberite 2019-08-27 5.0 MEDIUM 7.5 HIGH
Cuberite before 2019-06-11 allows webadmin directory traversal via ....// because the protection mechanism simply removes one ../ substring.
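The Cuberite entry above is the textbook failure of sanitizing by deletion: removing one "../" from "....//" leaves "../", so the filter manufactures the traversal it was meant to stop. The ONKYO ("%2f"), Mirasys ("..\") and joyplus-cms (absolute "rootpath=") entries earlier in this list are other encodings of the same class. The following Python is an added example written for this page, not code from Cuberite or any other project listed here; the web root /srv/www and the function names are assumptions. It contrasts the strip-once filter with a resolve-then-check approach that handles all four encodings.

```python
import os
from typing import Optional
from urllib.parse import unquote


def strip_once(user_path: str) -> str:
    """The kind of filter the Cuberite entry describes: delete one "../".

    Deleting a substring is not the same as rejecting the input: after the
    single pass "....//" has become "../", so the traversal is produced by
    the filter itself.  (str.replace without a count behaves the same way on
    this input, because it scans left to right once and never re-examines
    what it just emitted.)
    """
    return user_path.replace("../", "", 1)


def resolve_under_base(base: str, user_path: str) -> Optional[str]:
    """Return the absolute path of user_path inside base, or None if it escapes.

    Instead of editing the string, build the candidate path, let the path
    layer resolve it, and require the result to be base or lie below it.
    """
    # Null bytes truncate paths in C-based servers ("x.jpg\0.php"); refuse them.
    if "\x00" in user_path:
        return None
    # Decode one layer of URL encoding so "%2f" (ONKYO entry) is seen as "/".
    # Decode exactly as many times as the HTTP layer in front of you does;
    # decoding once more than it does is how "%252f" turns into a traversal.
    decoded = unquote(user_path)
    # Treat backslash as a separator as well (the Mirasys entry uses "..\");
    # a Windows filesystem would, so the check has to.
    decoded = decoded.replace("\\", "/")
    # os.path.join drops base entirely when the right-hand side is absolute
    # (the joyplus-cms "rootpath=" entry), so pin the input relative to base.
    relative = decoded.lstrip("/")

    base_real = os.path.realpath(base)
    candidate = os.path.realpath(os.path.join(base_real, relative))
    # commonpath compares path components, not string prefixes, so a base of
    # "/srv/www" does not accidentally admit "/srv/wwwroot/...".
    if os.path.commonpath([base_real, candidate]) != base_real:
        return None
    return candidate


if __name__ == "__main__":
    base = "/srv/www"  # assumed web root; nothing below needs it to exist
    payload = "....//etc/passwd"
    print("strip_once       :", strip_once(payload))                            # ../etc/passwd
    print("check after strip:", resolve_under_base(base, strip_once(payload)))  # None
    print("check raw input  :", resolve_under_base(base, payload))              # /srv/www/..../etc/passwd
    for p in ("..%2F..%2Fetc%2Fpasswd", "..\\..\\Windows\\win.ini",
              "/etc/passwd", "css/../style.css"):
        print(f"{p!r:32} -> {resolve_under_base(base, p)}")
```

Two things are worth noticing in the output. Fed the raw "....//etc/passwd", the resolver returns a path under the web root: "...." is simply an odd directory name, and it only becomes ".." once a strip-once filter has mangled it, which is why the check must run on the resolved path and never on the output of a substring edit. Second, realpath only follows symlinks that exist at check time; for trees an attacker can write into, re-check after the file is opened (or open with O_NOFOLLOW) so a link planted between check and use cannot redirect the read.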
CVE-2014-8871 1 Sap 1 Hybris 2019-08-27 5.0 MEDIUM 7.5 HIGH
Directory traversal vulnerability in hybris Commerce software suite 5.0.3.3 and earlier, 5.0.0.3 and earlier, 5.0.4.4 and earlier, 5.1.0.1 and earlier, 5.1.1.2 and earlier, 5.2.0.3 and earlier, and 5.3.0.1 and earlier.
CVE-2016-10924 1 Zedna Ebook Download Project 1 Zedna Ebook Download 2019-08-23 5.0 MEDIUM 7.5 HIGH
The ebook-download plugin before 1.2 for WordPress has directory traversal.
CVE-2017-18585 1 Ivycat 1 Posts In Page 2019-08-23 5.5 MEDIUM 8.1 HIGH
The posts-in-page plugin before 1.3.0 for WordPress has ic_add_posts template='../ directory traversal.
CVE-2019-15326 1 Codection 1 Import Users From Csv With Meta 2019-08-23 5.0 MEDIUM 7.5 HIGH
The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal.
CVE-2019-14788 1 Tribulant 1 Newsletter 2019-08-22 6.5 MEDIUM 8.8 HIGH
wp-admin/admin-ajax.php?action=newsletters_exportmultiple in the Tribulant Newsletters plugin before 4.6.19 for WordPress allows directory traversal with resultant remote PHP code execution via the subscribers[1][1] parameter in conjunction with an exportfile=../ value.
CVE-2018-8741 2 Debian, Squirrelmail 2 Debian Linux, Squirrelmail 2019-08-15 6.5 MEDIUM 8.8 HIGH
A directory traversal flaw in SquirrelMail 1.4.22 allows an authenticated attacker to exfiltrate (or potentially delete) files from the hosting server, related to ../ in the att_local_name field in Deliver.class.php.
CVE-2019-14701 1 Microdigital 6 Mdc-n2190v, Mdc-n2190v Firmware, Mdc-n4090 and 3 more 2019-08-13 5.0 MEDIUM 7.5 HIGH
An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker can trigger read operations on an arbitrary file via Path Traversal in the TZ parameter, but cannot retrieve the data that is read. This causes a denial of service if the filename is, for example, /dev/random.
CVE-2019-14700 1 Microdigital 6 Mdc-n2190v, Mdc-n2190v Firmware, Mdc-n4090 and 3 more 2019-08-13 5.0 MEDIUM 7.5 HIGH
An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. There is disclosure of the existence of arbitrary files via Path Traversal in HTTPD. This occurs because the filename specified in the TZ parameter is accessed with a substantial delay if that file exists.
CVE-2019-14521 1 Emca 1 Energy Logserver 2019-08-13 5.0 MEDIUM 7.5 HIGH
The api/admin/logoupload Logo File upload feature in EMCA Energy Logserver 6.1.2 allows attackers to send any kind of file to any location on the server via path traversal in the filename parameter.
CVE-2019-11508 1 Pulsesecure 1 Pulse Connect Secure 2019-08-09 6.5 MEDIUM 7.2 HIGH
In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an authenticated attacker (via the admin web interface) can exploit Directory Traversal to execute arbitrary code on the appliance.
CVE-2016-0752 1 Rubyonrails 2 Rails, Ruby On Rails 2019-08-08 5.0 MEDIUM 7.5 HIGH
Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname.
CVE-2016-10828 1 Cpanel 1 Cpanel 2019-08-07 9.0 HIGH 8.8 HIGH
cPanel before 55.9999.141 allows arbitrary code execution because of an unsafe @INC path (SEC-97).
CVE-2019-7859 1 Magento 1 Magento 2019-08-06 5.0 MEDIUM 7.5 HIGH
A path traversal vulnerability in the WYSIWYG editor for Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could result in unauthorized access to uploaded images due to insufficient access control.
CVE-2019-14452 3 Canonical, Flightcrew Project, Sigil-ebook 3 Ubuntu Linux, Flightcrew, Sigil 2019-08-05 5.0 MEDIUM 7.5 HIGH
Sigil before 0.9.16 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction.
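The Sigil entry is the archive form of the same bug (commonly called "Zip Slip"): the "../" travels in the ZIP entry name rather than in a URL parameter, and it is written to disk at extraction time. The Python below is an added example for this page, not code from Sigil or FlightCrew; the archive contents are constructed, and the function names are assumptions. Python's own zipfile.ZipFile.extract already strips such components, so the manual extraction loop here exists to show the check an extractor written in any language has to make before creating a file.

```python
import io
import os
import stat
import tempfile
import zipfile
from typing import List, Tuple


def build_sample_zip() -> bytes:
    """Constructed sample archive: one honest entry and two hostile ones.

    zipfile.ZipInfo stores names as given, so the traversal survives writing,
    exactly as it would in an archive built by an attacker's tool.
    """
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("book/chapter1.xhtml", "<p>constructed sample chapter</p>")
        zf.writestr("../../evil.sh", "#!/bin/sh\necho constructed payload\n")
        zf.writestr("/etc/cron.d/evil", "* * * * * root /tmp/evil.sh\n")
    return buf.getvalue()


def safe_extract(zip_bytes: bytes, dest: str) -> Tuple[List[str], List[str]]:
    """Extract zip_bytes under dest; return (extracted names, rejected names)."""
    dest_real = os.path.realpath(dest)
    extracted, rejected = [], []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            # Archives produced on Windows can carry backslashes; treat them
            # as separators so "..\..\x" is not mistaken for one odd filename.
            name = info.filename.replace("\\", "/")
            # Deliberately no lstrip("/"): an absolute entry name makes
            # os.path.join discard dest, and the containment check below then
            # rejects it, which is the right outcome for an archive entry.
            target = os.path.realpath(os.path.join(dest_real, name))
            if os.path.commonpath([dest_real, target]) != dest_real:
                rejected.append(info.filename)
                continue
            # A symlink entry pointing outside dest would let a later entry
            # write through it; refuse symlinks from untrusted archives.
            if stat.S_ISLNK(info.external_attr >> 16):
                rejected.append(info.filename)
                continue
            if info.is_dir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            extracted.append(info.filename)
    return extracted, rejected


def run_demo() -> Tuple[List[str], List[str], bool, bool]:
    """Extract the sample into a fresh temp dir and report what landed where."""
    dest = tempfile.mkdtemp(prefix="zipslip-demo-")
    extracted, rejected = safe_extract(build_sample_zip(), dest)
    inside = os.path.isfile(os.path.join(dest, "book", "chapter1.xhtml"))
    escaped = os.path.exists(os.path.join(dest, "..", "..", "evil.sh"))
    return extracted, rejected, inside, escaped


if __name__ == "__main__":
    # (['book/chapter1.xhtml'], ['../../evil.sh', '/etc/cron.d/evil'], True, False)
    print(run_demo())
```

The check is the same resolve-then-compare as for a URL parameter, applied per entry before anything touches the disk; the symlink refusal matters because a two-entry archive (a link out of the tree, then a file written through the link) defeats a name check that looks at each entry in isolation.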