Search
Total
4706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-6286 | 1 Sap | 1 Netweaver Application Server Java | 2020-07-15 | 5.0 MEDIUM | 5.3 MEDIUM |
| The insufficient input path validation of certain parameter in the web service of SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to exploit a method to download zip files to a specific directory, leading to Path Traversal. | |||||
| CVE-2020-14461 | 1 Zyxel | 2 Wap6806, Wap6806 Firmware | 2020-07-15 | 5.0 MEDIUM | 8.6 HIGH |
| Zyxel Armor X1 WAP6806 1.00(ABAL.6)C0 devices allow Directory Traversal via the images/eaZy/ URI. | |||||
| CVE-2020-14946 | 1 Globalradar | 1 Bsa Radar | 2020-07-14 | 4.0 MEDIUM | 4.3 MEDIUM |
| downloadFile.ashx in the Administrator section of the Surveillance module in Global RADAR BSA Radar 1.6.7234.24750 and earlier allows users to download transaction files. When downloading the files, a user is able to view local files on the web server by manipulating the FileName and FilePath parameters in the URL, or while using a proxy. This vulnerability could be used to view local sensitive files or configuration files. | |||||
| CVE-2012-0896 | 3 Count Per Day Project, Tom Braider, Wordpress | 3 Count Per Day, Count Per Day, Wordpress | 2020-07-13 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to read arbitrary files via the f parameter. | |||||
| CVE-2020-15583 | 1 Google | 1 Android | 2020-07-10 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. StickerProvider allows directory traversal for access to system files. The Samsung ID is SVE-2020-17665 (July 2020). | |||||
| CVE-2020-13383 | 1 Os4ed | 1 Opensis | 2020-07-06 | 5.0 MEDIUM | 7.5 HIGH |
| openSIS through 7.4 allows Directory Traversal. | |||||
| CVE-2020-4053 | 1 Helm | 1 Helm | 2020-07-06 | 8.5 HIGH | 6.8 MEDIUM |
| In Helm greater than or equal to 3.0.0 and less than 3.2.4, a path traversal attack is possible when installing Helm plugins from a tar archive over HTTP. It is possible for a malicious plugin author to inject a relative path into a plugin archive, and copy a file outside of the intended directory. This has been fixed in 3.2.4. | |||||
| CVE-2015-2067 | 1 Magmi Project | 1 Magmi | 2020-07-06 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in web/ajax_pluginconf.php in the MAGMI (aka Magento Mass Importer) plugin for Magento Server allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2019-7267 | 1 Nortekcontrol | 4 Linear Emerge 5000p, Linear Emerge 5000p Firmware, Linear Emerge 50p and 1 more | 2020-07-02 | 7.5 HIGH | 9.8 CRITICAL |
| Linear eMerge 50P/5000P devices allow Cookie Path Traversal. | |||||
| CVE-2020-5588 | 1 Cybozu | 1 Garoon | 2020-07-02 | 4.0 MEDIUM | 4.9 MEDIUM |
| Path traversal vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to obtain unintended information via unspecified vectors. | |||||
| CVE-2020-5581 | 1 Cybozu | 1 Garoon | 2020-07-02 | 4.0 MEDIUM | 6.5 MEDIUM |
| Path traversal vulnerability in Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to obtain unintended information via unspecified vectors. | |||||
| CVE-2017-1000047 | 1 Rbenv Project | 1 Rbenv | 2020-07-01 | 7.5 HIGH | 9.8 CRITICAL |
| rbenv (all current versions) is vulnerable to Directory Traversal in the specification of Ruby version resulting in arbitrary code execution | |||||
| CVE-2020-13158 | 1 Articatech | 1 Artica Proxy | 2020-07-01 | 5.0 MEDIUM | 7.5 HIGH |
| Artica Proxy before 4.30.000000 Community Edition allows Directory Traversal via the fw.progrss.details.php popup parameter. | |||||
| CVE-2020-15026 | 1 Bludit | 1 Bludit | 2020-06-30 | 4.0 MEDIUM | 4.9 MEDIUM |
| Bludit 3.12.0 allows admins to use a /plugin-backup-download?file=../ directory traversal approach for arbitrary file download via backup/plugin.php. | |||||
| CVE-2017-18874 | 1 Mattermost | 1 Mattermost Server | 2020-06-29 | 5.5 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2 when local storage for files is used. A System Admin can achieve directory traversal. | |||||
| CVE-2019-10720 | 1 Blogengine | 1 Blogengine.net | 2020-06-29 | 6.5 MEDIUM | 8.8 HIGH |
| BlogEngine.NET 3.3.7.0 and earlier allows Directory Traversal and Remote Code Execution via the theme cookie to the File Manager. NOTE: this issue exists because of an incomplete fix for CVE-2019-6714. | |||||
| CVE-2017-18912 | 1 Mattermost | 1 Mattermost Server | 2020-06-26 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. It allows an attacker to specify a full pathname of a log file. | |||||
| CVE-2018-1000857 | 1 Open-systems | 1 Log-user-session | 2020-06-24 | 9.0 HIGH | 8.8 HIGH |
| log-user-session version 0.7 and earlier contains a Directory Traversal vulnerability in Main SUID-binary /usr/local/bin/log-user-session that can result in User to root privilege escalation. This attack appear to be exploitable via Malicious unprivileged user executes the vulnerable binary/(remote) environment variable manipulation similar shell-shock also possible. | |||||
| CVE-2020-5590 | 1 Ec-cube | 1 Ec-cube | 2020-06-24 | 5.5 MEDIUM | 8.1 HIGH |
| Directory traversal vulnerability in EC-CUBE 3.0.0 to 3.0.18 and 4.0.0 to 4.0.3 allows remote authenticated attackers to delete arbitrary files and/or directories on the server via unspecified vectors. | |||||
| CVE-2020-12003 | 1 Rockwellautomation | 2 Factorytalk Linx, Rslinx Classic | 2020-06-24 | 5.0 MEDIUM | 7.5 HIGH |
| FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 and later, Studio 5000 Launcher: Version 31 and later Stud, 5000 Logix Designer software: Version 32 and prior is vulnerable. An exposed API call allows users to provide files to be processed without sanitation. This may allow an attacker to use specially crafted requests to traverse the file system and expose sensitive data on the local hard drive. | |||||
| CVE-2020-3241 | 1 Cisco | 1 Ucs Director | 2020-06-23 | 8.5 HIGH | 6.5 MEDIUM |
| A vulnerability in the orchestration tasks of Cisco UCS Director could allow an authenticated, remote attacker to perform a path traversal attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input on the web-based management interface. An attacker could exploit this vulnerability by creating a task with specific configuration parameters. A successful exploit could allow the attacker to overwrite arbitrary files in the file system of an affected device. | |||||
| CVE-2020-3236 | 1 Cisco | 1 Enterprise Network Function Virtualization Infrastructure | 2020-06-23 | 7.2 HIGH | 6.7 MEDIUM |
| A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to gain root shell access to the underlying operating system and overwrite or read arbitrary files. The attacker would need valid administrative credentials. This vulnerability is due to improper input validation of CLI command arguments. An attacker could exploit this vulnerability by using path traversal techniques when executing a vulnerable command. A successful exploit could allow the attacker to gain root shell access to the underlying operating system and overwrite or read arbitrary files on an affected device. | |||||
| CVE-2020-12827 | 1 Mjml | 1 Mjml | 2020-06-23 | 6.4 MEDIUM | 7.2 HIGH |
| MJML prior to 4.6.3 contains a path traversal vulnerability when processing the mj-include directive within an MJML document. | |||||
| CVE-2020-14452 | 1 Mattermost | 1 Mattermost Server | 2020-06-19 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Mattermost Server before 5.21.0. mmctl allows directory traversal via HTTP, aka MMSA-2020-0014. | |||||
| CVE-2020-7497 | 1 Schneider-electric | 1 Ecostruxure Operator Terminal Expert | 2020-06-19 | 7.5 HIGH | 9.8 CRITICAL |
| A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)which could cause arbitrary application execution when the computer starts. | |||||
| CVE-2020-7495 | 1 Schneider-electric | 1 Ecostruxure Operator Terminal Expert | 2020-06-19 | 4.3 MEDIUM | 5.5 MEDIUM |
| A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability during zip file extraction exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause unauthorized write access outside of expected path folder when opening the project file. | |||||
| CVE-2020-7494 | 1 Schneider-electric | 1 Ecostruxure Operator Terminal Expert | 2020-06-19 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause malicious code execution when opening the project file. | |||||
| CVE-2015-7851 | 1 Ntp | 1 Ntp | 2020-06-18 | 3.5 LOW | 6.5 MEDIUM |
| Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP before 4.2.8p4, when used on systems that do not use '\' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files. | |||||
| CVE-2020-11798 | 1 Mitel | 1 Micollab Audio\, Web \& Video Conferencing | 2020-06-17 | 5.0 MEDIUM | 5.3 MEDIUM |
| A Directory Traversal vulnerability in the web conference component of Mitel MiCollab AWV before 8.1.2.4 and 9.x before 9.1.3 could allow an attacker to access arbitrary files from restricted directories of the server via a crafted URL, due to insufficient access validation. A successful exploit could allow an attacker to access sensitive information from the restricted directories. | |||||
| CVE-2020-1737 | 1 Redhat | 2 Ansible Engine, Ansible Tower | 2020-06-13 | 4.6 MEDIUM | 7.8 HIGH |
| A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10. | |||||
| CVE-2019-0226 | 1 Apache | 1 Karaf | 2020-06-12 | 5.5 MEDIUM | 4.9 MEDIUM |
| Apache Karaf Config service provides a install method (via service or MBean) that could be used to travel in any directory and overwrite existing file. The vulnerability is low if the Karaf process user has limited permission on the filesystem. Any Apache Karaf version before 4.2.5 is impacted. User should upgrade to Apache Karaf 4.2.5 or later. | |||||
| CVE-2017-9846 | 1 Magicwinmail | 1 Winmail Server | 2020-06-11 | 6.5 MEDIUM | 8.8 HIGH |
| Winmail Server 6.1 allows remote code execution by authenticated users who leverage directory traversal in a netdisk.php move_folder_file call to move a .php file from the FTP folder into a web folder. | |||||
| CVE-2020-13836 | 1 Google | 1 Android | 2020-06-07 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. HWRResProvider allows path traversal for data exposure. The Samsung ID is SVE-2020-16954 (June 2020). | |||||
| CVE-2019-16384 | 1 Cybelesoft | 1 Thinfinity Virtualui | 2020-06-05 | 4.0 MEDIUM | 6.5 MEDIUM |
| Cybele Thinfinity VirtualUI 2.5.17.2 allows ../ path traversal that can be used for data exfiltration. This enables files outside of the web directory to be retrieved if the exact location is known and the user has permissions. | |||||
| CVE-2020-13795 | 1 Naviwebs | 1 Navigate Cms | 2020-06-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Navigate CMS through 2.8.7. It allows Directory Traversal because lib/packages/templates/template.class.php mishandles ../ and ..\ substrings. | |||||
| CVE-2020-5410 | 1 Vmware | 1 Spring Cloud Config | 2020-06-04 | 5.0 MEDIUM | 7.5 HIGH |
| Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack. | |||||
| CVE-2020-13792 | 1 Playtube | 1 Playtube | 2020-06-04 | 4.0 MEDIUM | 4.3 MEDIUM |
| PlayTube 1.8 allows disclosure of user details via ajax.php?type=../admin-panel/autoload&page=manage-users directory traversal, aka local file inclusion. | |||||
| CVE-2013-7091 | 1 Synacor | 1 Zimbra Collaboration Suite | 2020-06-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zimbra 7.2.2 and 8.0.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the skin parameter. NOTE: this can be leveraged to execute arbitrary code by obtaining LDAP credentials and accessing the service/admin/soap API. | |||||
| CVE-2017-6821 | 1 Synacor | 1 Zimbra Collaboration Suite | 2020-06-04 | 7.5 HIGH | 9.8 CRITICAL |
| Directory traversal vulnerability in Zimbra Collaboration Suite (aka ZCS) before 8.7.6 allows attackers to have unspecified impact via unknown vectors. | |||||
| CVE-2020-7652 | 1 Synk | 1 Broker | 2020-06-02 | 4.0 MEDIUM | 6.5 MEDIUM |
| All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users with access to Snyk's internal network via directory traversal. | |||||
| CVE-2014-8939 | 1 Piwigo | 1 Lexiglot | 2020-06-02 | 4.3 MEDIUM | 5.3 MEDIUM |
| Lexiglot through 2014-11-20 allows remote attackers to obtain sensitive information (full path) via an include/smarty/plugins/modifier.date_format.php request if PHP has a non-recommended configuration that produces warning messages. | |||||
| CVE-2020-13227 | 1 Sysax | 1 Multi Server | 2020-06-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Sysax Multi Server 6.90. An attacker can determine the username (under which the web server is running) by triggering an invalid path permission error. This bypasses the fakepath protection mechanism. | |||||
| CVE-2014-7174 | 1 Farsite | 2 Farlinx X25 Gateway, Farlinx X25 Gateway Firmware | 2020-06-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| FarLinX X25 Gateway through 2014-09-25 allows directory traversal via the log-handling feature. | |||||
| CVE-2019-0207 | 1 Apache | 1 Tapestry | 2020-05-31 | 5.0 MEDIUM | 7.5 HIGH |
| Tapestry processes assets `/assets/ctx` using classes chain `StaticFilesFilter -> AssetDispatcher -> ContextResource`, which doesn't filter the character `\`, so attacker can perform a path traversal attack to read any files on Windows platform. | |||||
| CVE-2020-12832 | 1 Simplefilelist | 1 Simple-file-list | 2020-05-21 | 7.5 HIGH | 9.8 CRITICAL |
| WordPress Plugin Simple File List before 4.2.8 is prone to a vulnerability that lets attackers delete arbitrary files because the application fails to properly verify user-supplied input. | |||||
| CVE-2019-3828 | 1 Redhat | 1 Ansible | 2020-05-21 | 3.3 LOW | 4.2 MEDIUM |
| Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path. | |||||
| CVE-2020-10691 | 1 Redhat | 2 Ansible Engine, Ansible Tower | 2020-05-21 | 3.6 LOW | 5.2 MEDIUM |
| An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system. | |||||
| CVE-2018-14363 | 2 Debian, Neomutt | 2 Debian Linux, Neomutt | 2020-05-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames. | |||||
| CVE-2009-1779 | 1 Frax | 1 Php Recommend | 2020-05-20 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in admin.php in Frax.dk Php Recommend 1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the form_include_template parameter. | |||||
| CVE-2018-14355 | 4 Canonical, Debian, Mutt and 1 more | 4 Ubuntu Linux, Debian Linux, Mutt and 1 more | 2020-05-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/util.c mishandles ".." directory traversal in a mailbox name. | |||||