Search
Total
907 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-7654 | 1 3cx | 1 3cx | 2018-03-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| On 3CX 15.5.6354.2 devices, the parameter "file" in the request "/api/RecordingList/download?file=" allows full access to files on the server via path traversal. | |||||
| CVE-2018-0525 | 1 Jubat | 1 Jubatus | 2018-03-27 | 5.0 MEDIUM | 5.3 MEDIUM |
| Directory traversal vulnerability in Jubatus 1.0.2 and earlier allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2018-2380 | 1 Sap | 1 Customer Relationship Management | 2018-03-23 | 6.5 MEDIUM | 6.6 MEDIUM |
| SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs. | |||||
| CVE-2018-7172 | 1 Wondercms | 1 Wondercms | 2018-03-23 | 5.5 MEDIUM | 4.9 MEDIUM |
| In index.php in WonderCMS before 2.4.1, remote attackers can delete arbitrary files via directory traversal. | |||||
| CVE-2018-7212 | 2 Microsoft, Sinatrarb | 2 Windows, Sinatra | 2018-03-19 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in rack-protection/lib/rack/protection/path_traversal.rb in Sinatra 2.x before 2.0.1 on Windows. Path traversal is possible via backslash characters. | |||||
| CVE-2014-3972 | 1 Apexis | 2 Apm-j601-ws, Apm-j601-ws Firmware | 2018-03-19 | 5.0 MEDIUM | 5.3 MEDIUM |
| Directory traversal vulnerability in Apexis APM-J601-WS cameras with firmware before 17.35.2.49 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2017-16814 | 1 Foxitsoftware | 1 Mobilepdf | 2018-03-16 | 3.3 LOW | 5.5 MEDIUM |
| A Directory Traversal issue was discovered in the Foxit MobilePDF app before 6.1 for iOS. This occurs by abusing the URL + escape character during a Wi-Fi transfer, which could be exploited by attackers to bypass intended restrictions on local application files. | |||||
| CVE-2017-15712 | 1 Apache | 1 Oozie | 2018-03-16 | 6.8 MEDIUM | 6.5 MEDIUM |
| Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 4.3.0 and 5.0.0-beta1 to expose private files on the Oozie server process. The malicious user can construct a workflow XML file containing XML directives and configuration that reference sensitive files on the Oozie server host. | |||||
| CVE-2015-4461 | 1 Efrontlearning | 1 Efront | 2018-02-26 | 4.0 MEDIUM | 6.5 MEDIUM |
| Absolute path traversal vulnerability in eFront CMS 3.6.15.4 and earlier allows remote Professor users to obtain sensitive information via a full pathname in the other parameter. | |||||
| CVE-2017-12560 | 1 Hp | 1 Intelligent Management Center | 2018-02-25 | 6.8 MEDIUM | 6.5 MEDIUM |
| A Remote Denial of Service vulnerability in HPE Intelligent Management Center (iMC) PLAT version iMC Plat 7.3 E0504P2 was found. | |||||
| CVE-2017-12559 | 1 Hp | 1 Intelligent Management Center | 2018-02-25 | 6.8 MEDIUM | 6.5 MEDIUM |
| A Remote Denial of Service vulnerability in HPE Intelligent Management Center (iMC) PLAT version iMC Plat 7.3 E0504P2 was found. | |||||
| CVE-2017-18037 | 1 Atlassian | 1 Bitbucket | 2018-02-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before 4.14.11 (the fixed version for 4.14.x), from version 5.0.0 before 5.0.9 (the fixed version for 5.0.x), from version 5.1.0 before 5.1.8 (the fixed version for 5.1.x), from version 5.2.0 before 5.2.6 (the fixed version for 5.2.x), from version 5.3.0 before 5.3.4 (the fixed version for 5.3.x), from version 5.4.0 before 5.4.2 (the fixed version for 5.4.x), from version 5.5.0 before 5.5.1 (the fixed version for 5.5.x) and before 5.6.0 allows remote attackers to read arbitrary files via a path traversal vulnerability through the name of a git tag. | |||||
| CVE-2017-18038 | 1 Atlassian | 1 Bitbucket | 2018-02-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote attackers to read the first line of arbitrary files via a path traversal vulnerability through the default branch name. | |||||
| CVE-2017-9964 | 1 Schneider-electric | 1 Pelco Videoxpert | 2018-02-13 | 5.8 MEDIUM | 6.9 MEDIUM |
| A Path Traversal issue was discovered in Schneider Electric Pelco VideoXpert Enterprise all versions prior to 2.1. By sniffing communications, an unauthorized person can execute a directory traversal attack resulting in authentication bypass or session hijack. | |||||
| CVE-2017-9965 | 1 Schneider-electric | 1 Pelco Videoxpert | 2018-02-13 | 5.0 MEDIUM | 5.8 MEDIUM |
| An exposure of sensitive information vulnerability exists in Schneider Electric's Pelco VideoXpert Enterprise versions 2.0 and prior. Using a directory traversal attack, an unauthorized person can view web server files. | |||||
| CVE-2018-6022 | 1 5none | 1 Nonecms | 2018-02-12 | 5.5 MEDIUM | 6.5 MEDIUM |
| Directory traversal vulnerability in application/admin/controller/Main.php in NoneCms through 1.3.0 allows remote authenticated users to delete arbitrary files by leveraging back-office access to provide a ..\ in the param.path parameter. | |||||
| CVE-2017-1279 | 1 Ibm | 1 Tealeaf Customer Experience | 2018-02-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 124757. | |||||
| CVE-2014-9485 | 1 Minizip Project | 1 Minizip | 2018-02-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| Directory traversal vulnerability in the do_extract_currentfile function in miniunz.c in miniunzip in minizip before 1.1-5 might allow remote attackers to write to arbitrary files via a crafted entry in a ZIP archive. | |||||
| CVE-2017-1000472 | 2 Debian, Pocoproject | 2 Debian Linux, Poco | 2018-02-04 | 5.8 MEDIUM | 6.5 MEDIUM |
| The ZipCommon::isValidPath() function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary files, via a crafted ZIP file, related to a "file path injection vulnerability". | |||||
| CVE-2018-5310 | 1 Media From Ftp Project | 1 Media From Ftp | 2018-01-29 | 4.0 MEDIUM | 6.5 MEDIUM |
| In the "Media from FTP" plugin before 9.85 for WordPress, Directory Traversal exists via the searchdir parameter to the wp-admin/admin.php?page=mediafromftp-search-register URI. | |||||
| CVE-2017-10273 | 1 Oracle | 1 Jdeveloper | 2018-01-25 | 3.7 LOW | 4.7 MEDIUM |
| Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Deployment). Supported versions that are affected are 11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0 and 12.2.1.2.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle JDeveloper executes to compromise Oracle JDeveloper. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle JDeveloper, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle JDeveloper accessible data as well as unauthorized read access to a subset of Oracle JDeveloper accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle JDeveloper. CVSS 3.0 Base Score 4.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L). | |||||
| CVE-2017-17924 | 1 Ordermanagementscript | 1 Professional Service Script | 2018-01-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via the id parameter to admin/review_userwise.php. | |||||
| CVE-2017-17927 | 1 Ordermanagementscript | 1 Professional Service Script | 2018-01-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via a crafted PATH_INFO to service-list/category/. | |||||
| CVE-2017-10907 | 1 Spiqe | 1 Onethird Cms Show Off | 2018-01-09 | 4.0 MEDIUM | 4.3 MEDIUM |
| Directory traversal vulnerability in OneThird CMS Show Off v1.85 and earlier. Show Off v1.85 en and earlier allows an attacker to read arbitrary files via unspecified vectors. | |||||
| CVE-2017-15532 | 1 Symantec | 1 Messaging Gateway | 2018-01-05 | 5.5 MEDIUM | 5.7 MEDIUM |
| Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack (also known as directory traversal). These types of attacks aim to access files and directories that are stored outside the web root folder. By manipulating variables, it may be possible to access arbitrary files and directories stored on the file system including application source code or configuration and critical system files. | |||||
| CVE-2014-9767 | 2 Hiphop Virtual Machine For Php Project, Php | 2 Hiphop Virtual Machine For Php, Php | 2018-01-05 | 4.3 MEDIUM | 4.3 MEDIUM |
| Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive. | |||||
| CVE-2017-1548 | 1 Ibm | 1 Sterling File Gateway | 2017-12-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Sterling File Gateway 2.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 131288. | |||||
| CVE-2017-16959 | 1 Tp-link | 108 Tl-er3210g, Tl-er3210g Firmware, Tl-er3220g and 105 more | 2017-12-14 | 4.0 MEDIUM | 6.5 MEDIUM |
| The locale feature in cgi-bin/luci on TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allows remote authenticated users to test for the existence of arbitrary files by making an operation=write;locale=%0d request, and then making an operation=read request with a crafted Accept-Language HTTP header, related to the set_sysinfo and get_sysinfo functions in /usr/lib/lua/luci/controller/locale.lua in uhttpd. | |||||
| CVE-2017-15527 | 1 Symantec | 1 Management Console | 2017-12-12 | 5.2 MEDIUM | 6.8 MEDIUM |
| Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to parent directory" are passed through to the file APIs. | |||||
| CVE-2017-2695 | 1 Huawei | 2 Tit-al00, Tit-al00 Firmware | 2017-12-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| TIT-AL00C583B211 has a directory traversal vulnerability which allows an attacker to obtain the files in email application. | |||||
| CVE-2017-16936 | 1 Tenda | 6 Ac15, Ac15 Firmware, Ac18 and 3 more | 2017-12-12 | 3.3 LOW | 6.5 MEDIUM |
| Directory Traversal vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01, and Ac18 ac18_kf_V15.03.05.19(6318_)_cn devices allows remote unauthenticated attackers to read arbitrary files via a cgi-bin/luci/request?op=1&path= URI that uses directory traversal sequences after a /usb/ substring. | |||||
| CVE-2017-8189 | 1 Huawei | 1 Fusionsphere Openstack | 2017-12-08 | 3.6 LOW | 6.0 MEDIUM |
| FusionSphere OpenStack V100R006C00SPC102(NFV)has a path traversal vulnerability. Due to insufficient path validation, an attacker with high privilege may exploit this vulnerability to cover some files, causing services abnormal. | |||||
| CVE-2017-15359 | 1 3cx | 1 3cx | 2017-11-13 | 4.0 MEDIUM | 6.5 MEDIUM |
| In the 3CX Phone System 15.5.3554.1, the Management Console typically listens to port 5001 and is prone to a directory traversal attack: "/api/RecordingList/DownloadRecord?file=" and "/api/SupportInfo?file=" are the vulnerable parameters. An attacker must be authenticated to exploit this issue to access sensitive information to aid in subsequent attacks. | |||||
| CVE-2017-14614 | 1 Gridgain | 1 Gridgain | 2017-11-05 | 4.0 MEDIUM | 6.5 MEDIUM |
| Directory traversal vulnerability in the Visor GUI Console in GridGain before 1.7.16, 1.8.x before 1.8.12, 1.9.x before 1.9.7, and 8.x before 8.1.5 allows remote authenticated users to read arbitrary files on remote cluster nodes via a crafted path. | |||||
| CVE-2016-7169 | 1 Wordpress | 1 Wordpress | 2017-11-04 | 6.5 MEDIUM | 6.3 MEDIUM |
| Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenticated users to access arbitrary files via a crafted urlholder parameter. | |||||
| CVE-2017-14754 | 1 Opentext | 1 Document Sciences Xpression | 2017-10-11 | 6.8 MEDIUM | 6.5 MEDIUM |
| OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to Arbitrary File Read: /xAdmin/html/cm_datasource_group_xsd.jsp, parameter: xsd_datasource_schema_file filename. In order for this vulnerability to be exploited, an attacker must authenticate to the application first. | |||||
| CVE-2017-13985 | 1 Hp | 1 Bsm Platform Application Performance Management System Health | 2017-10-05 | 4.0 MEDIUM | 6.5 MEDIUM |
| An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to traverse directory leading to disclosure of information. | |||||
| CVE-2017-14513 | 1 Metinfo | 1 Metinfo | 2017-09-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Directory traversal vulnerability in MetInfo 5.3.17 allows remote attackers to read information from any ini format file via the f_filename parameter in a fingerprintdo action to admin/app/physical/physical.php. | |||||
| CVE-2014-8163 | 1 Redhat | 1 Satellite | 2017-09-05 | 5.5 MEDIUM | 6.5 MEDIUM |
| Directory traversal vulnerability in the XMLRPC interface in Red Hat Satellite 5. | |||||
| CVE-2014-8676 | 1 Soplanning | 1 Soplanning | 2017-09-05 | 5.0 MEDIUM | 5.3 MEDIUM |
| Directory traversal vulnerability in the file_get_contents function in SOPlanning 1.32 and earlier allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) in a URL path parameter. | |||||
| CVE-2017-7693 | 1 Riverbed | 1 Opnet App Response Xpert | 2017-09-02 | 6.8 MEDIUM | 6.5 MEDIUM |
| Directory traversal vulnerability in viewer_script.jsp in Riverbed OPNET App Response Xpert (ARX) version 9.6.1 allows remote authenticated users to inject arbitrary commands to read OS files. | |||||
| CVE-2016-2205 | 1 Symantec | 2 Workspace Streaming, Workspace Virtualization | 2017-09-01 | 6.1 MEDIUM | 5.7 MEDIUM |
| Directory traversal vulnerability in the file-download configuration file in the management console in Symantec Workspace Streaming (SWS) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 and Symantec Workspace Virtualization (SWV) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 allows remote authenticated users to read unspecified application files via unknown vectors. | |||||
| CVE-2016-5307 | 1 Symantec | 1 Endpoint Protection Manager | 2017-09-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| Directory traversal vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to read arbitrary files in the web-root directory tree via unspecified vectors. | |||||
| CVE-2017-10834 | 1 Nippon-antenna | 2 Scr02hd, Scr02hd Firmware | 2017-08-31 | 4.0 MEDIUM | 6.5 MEDIUM |
| Directory traversal vulnerability in "Dokodemo eye Smart HD" SCR02HD Firmware 1.0.3.1000 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2017-10841 | 1 Webcalendar Project | 1 Webcalendar | 2017-08-30 | 4.0 MEDIUM | 4.9 MEDIUM |
| Directory traversal vulnerability in WebCalendar 1.2.7 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2017-2258 | 1 Cybozu | 1 Garoon | 2017-08-30 | 4.0 MEDIUM | 4.3 MEDIUM |
| Directory traversal vulnerability in Cybozu Garoon 4.2.4 to 4.2.5 allows an attacker to read arbitrary files via Garoon SOAP API "WorkflowHandleApplications". | |||||
| CVE-2016-5332 | 1 Vmware | 1 Vrealize Log Insight | 2017-08-16 | 5.0 MEDIUM | 5.3 MEDIUM |
| Directory traversal vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.6.0 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2017-12586 | 1 Slims | 1 Akasia | 2017-08-14 | 4.0 MEDIUM | 6.5 MEDIUM |
| SLiMS 8 Akasia through 8.3.1 has an arbitrary file reading issue because of directory traversal in the url parameter to admin/help.php. It can be exploited by remote authenticated librarian users. | |||||
| CVE-2016-7087 | 2 Microsoft, Vmware | 2 Windows, Horizon View | 2017-07-30 | 5.0 MEDIUM | 5.3 MEDIUM |
| Directory traversal vulnerability in the Connection Server in VMware Horizon View 5.x before 5.3.7, 6.x before 6.2.3, and 7.x before 7.0.1 allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2016-6038 | 1 Ibm | 1 Aix | 2017-07-30 | 4.0 MEDIUM | 6.5 MEDIUM |
| Directory traversal vulnerability in Eclipse Help in IBM Tivoli Lightweight Infrastructure (aka LWI), as used in AIX 5.3, 6.1, and 7.1, allows remote authenticated users to read arbitrary files via a crafted URL. | |||||