Total: 1401 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2019-10265 | 1 Ahsay | 1 Cloud Backup Suite | 2019-07-31 | 7.8 HIGH | 7.5 HIGH | An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. On the /cbs/system/ShowAdvanced.do "File Explorer" screen, it is possible to change the directory in the JavaScript code. If changed to (for example) "C:" then one can browse the whole server. |
| CVE-2019-1010205 | 1 Linagora | 1 Hublin | 2019-07-26 | 5.0 MEDIUM | 7.5 HIGH | LINAGORA hublin latest (commit 72ead897082403126bf8df9264e70f0a9de247ff) is affected by: Directory Traversal. The impact is: The vulnerability allows an attacker to access any file (with a fixed extension) on the server. The component is: A web-view renderer; details here: https://lgtm.com/projects/g/linagora/hublin/snapshot/af9f1ce253b4ee923ff8da8f9d908d02a8e95b7f/files/backend/webserver/views.js?sort=name&dir=ASC&mode=heatmap&showExcluded=false#xb24eb0101d2aec21:1. The attack vector is: Attacker sends a specially crafted HTTP request. |
| CVE-2018-6914 | 4 Canonical, Debian, Redhat and 1 more | 4 Ubuntu Linux, Debian Linux, Enterprise Linux and 1 more | 2019-07-21 | 5.0 MEDIUM | 7.5 HIGH | Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 might allow attackers to create arbitrary directories or files via a .. (dot dot) in the prefix argument. |
| CVE-2019-12925 | 1 Mailenable | 1 Mailenable | 2019-07-16 | 6.5 MEDIUM | 8.1 HIGH | MailEnable Enterprise Premium 10.23 was vulnerable to multiple directory traversal issues, with which authenticated users could add, remove, or potentially read files in arbitrary folders accessible by the IIS user. This could lead to reading other users' credentials including those of SYSADMIN accounts, reading other users' emails, or adding emails or files to other users' accounts. |
| CVE-2019-10717 | 1 Dotnetblogengine | 1 Blogengine.net | 2019-07-10 | 5.5 MEDIUM | 7.1 HIGH | BlogEngine.NET 3.3.7.0 allows /api/filemanager Directory Traversal via the path parameter. |
| CVE-2018-14918 | 1 Loytec | 2 Lgate-902, Lgate-902 Firmware | 2019-07-03 | 7.8 HIGH | 7.5 HIGH | LOYTEC LGATE-902 6.3.2 devices allow Directory Traversal. |
| CVE-2019-10985 | 1 Advantech | 1 Webaccess | 2019-07-02 | 6.4 MEDIUM | 7.5 HIGH | In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage this vulnerability to delete files while posing as an administrator. |
| CVE-2019-12276 | 1 Grandnode | 1 Grandnode | 2019-06-24 | 5.0 MEDIUM | 7.5 HIGH | A Path Traversal vulnerability in Controllers/LetsEncryptController.cs in LetsEncryptController in GrandNode 4.40 allows remote, unauthenticated attackers to retrieve arbitrary files on the web server via specially crafted LetsEncrypt/Index?fileName= HTTP requests. A patch for this issue was made on 2019-05-30 in GrandNode 4.40. |
| CVE-2018-16594 | 1 Sony | 105 Kd-43xe7000, Kd-43xe7002, Kd-43xe7003 and 102 more | 2019-06-24 | 4.8 MEDIUM | 8.1 HIGH | The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Directory Traversal. |
| CVE-2019-10719 | 1 Dotnetblogengine | 1 Blogengine.net | 2019-06-23 | 6.5 MEDIUM | 8.8 HIGH | BlogEngine.NET 3.3.7.0 and earlier allows Directory Traversal and Remote Code Execution because file creation is mishandled, related to /api/upload and BlogEngine.NET/AppCode/Api/UploadController.cs. NOTE: this issue exists because of an incomplete fix for CVE-2019-6714. |
| CVE-2018-20092 | 1 Ptc | 1 Thingworx Platform | 2019-06-20 | 5.0 MEDIUM | 7.5 HIGH | PTC ThingWorx Platform through 8.3.0 is vulnerable to a directory traversal attack on ZIP files via a POST request. |
| CVE-2019-10257 | 1 Zucchetti | 1 Hr Portal | 2019-06-20 | 5.0 MEDIUM | 7.5 HIGH | Zucchetti HR Portal through 2019-03-15 allows Directory Traversal. Unauthenticated users can escape outside of the restricted location (dot-dot-slash notation) to access files or directories that are elsewhere on the system. Through this vulnerability it is possible to read the application's Java sources from /WEB-INF/classes/*.class. |
| CVE-2019-7315 | 1 Genieaccess | 2 Wip3bvaf, Wip3bvaf Firmware | 2019-06-20 | 5.0 MEDIUM | 7.5 HIGH | Genie Access WIP3BVAF WISH IP 3MP IR Auto Focus Bullet Camera devices through 3.x are vulnerable to directory traversal via the web interface, as demonstrated by reading /etc/shadow. NOTE: this product is discontinued, and its final firmware version has this vulnerability (4.x versions exist only for other Genie Access products). |
| CVE-2018-20470 | 1 Sahipro | 1 Sahi Pro | 2019-06-18 | 5.0 MEDIUM | 7.5 HIGH | An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A directory traversal (arbitrary file access) vulnerability exists in the web reports module. This allows an outside attacker to view contents of sensitive files. |
| CVE-2019-12137 | 2 Apple, Typora | 2 Mac Os X, Typora | 2019-06-13 | 6.8 MEDIUM | 7.8 HIGH | Typora 0.9.9.24.6 on macOS allows directory traversal, for execution of arbitrary programs, via a file:/// or ../ substring in a shared note. |
| CVE-2019-12145 | 1 Ipswitch | 1 Ws Ftp Server | 2019-06-12 | 5.0 MEDIUM | 7.5 HIGH | A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress Ipswitch WS_FTP Server 2018 before 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose path names on the host operating system. |
| CVE-2019-9723 | 1 Logicaldoc | 1 Logicaldoc | 2019-06-11 | 5.5 MEDIUM | 7.1 HIGH | LogicalDOC Community Edition 8.x before 8.2.1 has a path traversal vulnerability that allows reading arbitrary files and the creation of directories, in the class PluginRegistry. |
| CVE-2019-12593 | 1 Icewarp | 1 Mail Server | 2019-06-04 | 5.0 MEDIUM | 7.5 HIGH | IceWarp Mail Server through 10.4.4 is prone to a local file inclusion vulnerability via webmail/calendar/minimizer/index.php?style=..%5c directory traversal. |
| CVE-2018-16221 | 1 Yealink | 2 Ultra-elegant Ip Phone Sip-t41p, Ultra-elegant Ip Phone Sip-t41p Firmware | 2019-05-30 | 7.7 HIGH | 8.0 HIGH | The diagnostics web interface in the Yealink Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) does not validate (escape) the path information (path traversal), which allows an authenticated remote attacker to get access to privileged information (e.g., /etc/passwd) via path traversal (relative path information in the file parameter of the corresponding POST request). |
| CVE-2016-10751 | 1 Osclass | 1 Osclass | 2019-05-29 | 6.5 MEDIUM | 7.2 HIGH | osClass 3.6.1 allows oc-admin/plugins.php Directory Traversal via the plugin parameter. This is exploitable for remote PHP code execution because an administrator can upload an image that contains PHP code in the EXIF data via index.php?page=ajax&action=ajax_upload. |
| CVE-2019-0194 | 1 Apache | 1 Camel | 2019-05-24 | 5.0 MEDIUM | 7.5 HIGH | Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, 2.23.0 and the unsupported Camel 2.x (2.19 and earlier) versions may also be affected. |
| CVE-2017-6306 | 2 Debian, Ytnef Project | 2 Debian Linux, Ytnef | 2019-05-18 | 6.8 MEDIUM | 7.8 HIGH | An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "9 of 9. Directory Traversal using the filename; SanitizeFilename function in settings.c." |
| CVE-2019-12138 | 1 Macdown Project | 1 Macdown | 2019-05-16 | 4.6 MEDIUM | 7.8 HIGH | MacDown 0.7.1 allows directory traversal, for execution of arbitrary programs, via a file:/// or ../ substring in a shared note. |
| CVE-2019-9726 | 1 Eq-3 | 2 Ccu3, Ccu3 Firmware | 2019-05-14 | 5.0 MEDIUM | 7.5 HIGH | Directory Traversal / Arbitrary File Read in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to read arbitrary files of the device's filesystem. This vulnerability can be exploited by unauthenticated attackers with access to the web interface. |
| CVE-2018-12298 | 1 Seagate | 1 Nas Os | 2019-05-13 | 5.0 MEDIUM | 7.5 HIGH | Directory Traversal in filebrowser in Seagate NAS OS 4.3.15.1 allows attackers to read files within the application's container via a URL path. |
| CVE-2019-11082 | 1 Dkpro-core Project | 1 Dkpro-core | 2019-05-10 | 6.4 MEDIUM | 7.5 HIGH | core/api/datasets/internal/actions/Explode.java in the Dataset API in DKPro Core through 1.10.0 allows Directory Traversal, resulting in the overwrite of local files with the contents of an archive. |
| CVE-2017-1000028 | 1 Oracle | 1 Glassfish Server | 2019-05-03 | 5.0 MEDIUM | 7.5 HIGH | Oracle GlassFish Server Open Source Edition 4.1 is vulnerable to both an authenticated and an unauthenticated Directory Traversal vulnerability, which can be exploited by issuing a specially crafted HTTP GET request. |
| CVE-2018-16961 | 1 Buffalo | 1 Open Xdmod | 2019-05-03 | 5.0 MEDIUM | 7.5 HIGH | An issue was discovered in Open XDMoD through 7.5.0. html/gui/general/dl_publication.php allows Path Traversal via the file parameter, allowing remote attackers to read PDF files in arbitrary directories. |
| CVE-2015-5079 | 1 Blackcat-cms | 1 Blackcat Cms | 2019-04-29 | 5.0 MEDIUM | 7.5 HIGH | Directory traversal vulnerability in widgets/logs.php in BlackCat CMS before 1.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the dl parameter. |
| CVE-2017-9833 | 1 Boa | 1 Boa | 2019-04-18 | 7.8 HIGH | 7.5 HIGH | /cgi-bin/wapopen in BOA Webserver 0.94.14rc21 allows the injection of "../.." using the FILECAMERA variable (sent by GET) to read files with root privileges. |
| CVE-2017-17058 | 1 Automattic | 1 Woocommerce | 2019-04-17 | 5.0 MEDIUM | 7.5 HIGH | ** DISPUTED ** The WooCommerce plugin through 3.x for WordPress has a Directory Traversal Vulnerability via a /wp-content/plugins/woocommerce/templates/emails/plain/ URI, which accesses a parent directory. NOTE: a software maintainer indicates that Directory Traversal is not possible because all of the template files have "if (!defined('ABSPATH')) {exit;}" code. |
| CVE-2018-11759 | 3 Apache, Debian, Redhat | 3 Tomcat Jk Connector, Debian Linux, Jboss Core Services | 2019-04-15 | 5.0 MEDIUM | 7.5 HIGH | The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a subset of the URLs supported by Tomcat were exposed via httpd, then it was possible for a specially constructed request to expose application functionality through the reverse proxy that was not intended for clients accessing the application via the reverse proxy. It was also possible in some configurations for a specially constructed request to bypass the access controls configured in httpd. While there is some overlap between this issue and CVE-2018-1323, they are not identical. |
| CVE-2018-1323 | 1 Apache | 1 Tomcat Jk Connector | 2019-04-15 | 5.0 MEDIUM | 7.5 HIGH | The IIS/ISAPI specific code in the Apache Tomcat JK ISAPI Connector 1.2.0 to 1.2.42 that normalised the requested path before matching it to the URI-worker map did not handle some edge cases correctly. If only a subset of the URLs supported by Tomcat were exposed via IIS, then it was possible for a specially constructed request to expose application functionality through the reverse proxy that was not intended for clients accessing Tomcat via the reverse proxy. |
| CVE-2019-1785 | 1 Clamav | 1 Clamav | 2019-04-11 | 6.8 MEDIUM | 7.8 HIGH | A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error-handling mechanisms when processing nested RAR files sent to an affected device. An attacker could exploit this vulnerability by sending a crafted RAR file to an affected device. An exploit could allow the attacker to view or create arbitrary files on the targeted system. |
| CVE-2018-20229 | 1 Gitlab | 1 Gitlab | 2019-04-08 | 5.0 MEDIUM | 7.5 HIGH | GitLab Community and Enterprise Edition before 11.3.14, 11.4.x before 11.4.12, and 11.5.x before 11.5.5 allows Directory Traversal. |
| CVE-2017-16744 | 1 Tridium | 2 Niagara, Niagara Ax Framework | 2019-04-03 | 6.5 MEDIUM | 7.2 HIGH | A path traversal vulnerability in Tridium Niagara AX Versions 3.8 and prior and Niagara 4 systems Versions 4.4 and prior installed on Microsoft Windows Systems can be exploited by leveraging valid platform (administrator) credentials. |
| CVE-2018-19856 | 1 Gitlab | 1 Gitlab | 2019-03-28 | 5.0 MEDIUM | 7.5 HIGH | GitLab CE/EE before 11.3.12, 11.4.x before 11.4.10, and 11.5.x before 11.5.3 allows Directory Traversal in the Templates API. |
| CVE-2019-5927 | 1 Weban | 1 An | 2019-03-27 | 5.0 MEDIUM | 7.5 HIGH | Directory traversal vulnerability in the 'an' App for iOS Version 3.2.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors. |
| CVE-2019-6240 | 1 Gitlab | 1 Gitlab | 2019-03-26 | 5.0 MEDIUM | 7.5 HIGH | An issue was discovered in GitLab Community and Enterprise Edition before 11.4. It allows Directory Traversal. |
| CVE-2019-5417 | 1 Zeit | 1 Serve | 2019-03-25 | 5.0 MEDIUM | 7.5 HIGH | A path traversal vulnerability in the serve npm package version 7.0.1 allows attackers to read the content of arbitrary files on the remote server. |
| CVE-2018-11789 | 1 Apache | 1 Heron | 2019-03-25 | 7.8 HIGH | 7.5 HIGH | When accessing the heron-ui webpage, people can modify the file paths outside of the current container to access any file on the host. An example would be modifying the parameter path= to go to the directory you would like to view, i.e. ..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd. |
| CVE-2018-20628 | 1 Charity Foundation Script Project | 1 Charity Foundation Script | 2019-03-25 | 5.0 MEDIUM | 7.5 HIGH | PHP Scripts Mall Charity Foundation Script 1 through 3 allows directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory. |
| CVE-2019-6274 | 1 Gl-inet | 2 Gl-ar300m-lite, Gl-ar300m-lite Firmware | 2019-03-25 | 6.5 MEDIUM | 8.8 HIGH | Directory traversal vulnerability in storage_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to have unspecified impact via directory traversal sequences. |
| CVE-2018-19512 | 1 Ens | 1 Webgalamb | 2019-03-22 | 9.0 HIGH | 7.2 HIGH | In Webgalamb through 7.0, a system/ajax.php "wgmfile restore" directory traversal vulnerability could lead to arbitrary code execution by authenticated administrator users, because PHP files are restored under the document root directory. |
| CVE-2018-11341 | 1 Asustor | 2 As6202t, As6202t Firmware | 2019-03-20 | 6.5 MEDIUM | 7.2 HIGH | Directory traversal in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to navigate the file system via the filename parameter. |
| CVE-2017-16654 | 2 Debian, Sensiolabs | 2 Debian Linux, Symfony | 2019-03-13 | 5.0 MEDIUM | 7.5 HIGH | An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The Intl component includes various bundle readers that are used to read resource bundles from the local filesystem. The read() methods of these classes use a path and a locale to determine the language bundle to retrieve. The locale argument value is commonly retrieved from untrusted user input (like a URL parameter). An attacker can use this argument to navigate to arbitrary directories via the dot-dot-slash attack, aka Directory Traversal. |
| CVE-2019-5923 | 1 Ichain | 1 Insurance Wallet | 2019-03-13 | 5.0 MEDIUM | 7.5 HIGH | Directory traversal vulnerability in the iChain Insurance Wallet App for iOS Version 1.3.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors. |
| CVE-2013-7466 | 1 Simplemachines | 1 Simple Machines Forum | 2019-03-12 | 6.5 MEDIUM | 8.8 HIGH | Simple Machines Forum (SMF) 2.0.4 allows local file inclusion, with resultant remote code execution, in install.php via ../ directory traversal in the db_type parameter if install.php remains present after installation. |
| CVE-2018-0496 | 2 Debian, Dinknetwork | 3 Debian Linux, Dfarc, Dfarc2 | 2019-03-01 | 6.4 MEDIUM | 7.5 HIGH | Directory traversal issues in the D-Mod extractor in DFArc and DFArc2 (as well as in RTsoft's Dink Smallwood HD / ProtonSDK version) before 3.14 allow an attacker to overwrite arbitrary files on the user's system. |
| CVE-2018-20793 | 1 Tecrail | 1 Responsive Filemanager | 2019-02-25 | 5.0 MEDIUM | 7.5 HIGH | tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary file as a consequence of a paths[0] path traversal mitigation bypass, through the create_file action in execute.php. |
