Search
Total
4706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-0956 | 1 Tel-ster | 1 Telwin Scada Webinterface | 2023-08-08 | N/A | 7.5 HIGH |
| External input could be used on TEL-STER TelWin SCADA WebInterface to construct paths to files and directories without properly neutralizing special elements within the pathname, which could allow an unauthenticated attacker to read files on the system. | |||||
| CVE-2023-39143 | 2 Microsoft, Papercut | 3 Windows, Papercut Mf, Papercut Ng | 2023-08-08 | N/A | 9.8 CRITICAL |
| PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal, enabling attackers to upload, read, or delete arbitrary files. This leads to remote code execution when external device integration is enabled (a very common configuration). | |||||
| CVE-2023-38950 | 1 Zkteco | 1 Biotime | 2023-08-08 | N/A | 7.5 HIGH |
| A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload. | |||||
| CVE-2023-38951 | 1 Zkteco | 1 Biotime | 2023-08-08 | N/A | 9.8 CRITICAL |
| A path traversal vulnerability in ZKTeco BioTime v8.5.5 allows attackers to write arbitrary files via using a malicious SFTP configuration. | |||||
| CVE-2023-3348 | 1 Cloudflare | 1 Wrangler | 2023-08-08 | N/A | 5.7 MEDIUM |
| The Wrangler command line tool (<=wrangler@3.1.0) was affected by a directory traversal vulnerability when running a local development server for Pages (wrangler pages dev command). This vulnerability enabled an attacker in the same network as the victim to connect to the local development server and access the victim's files present outside of the directory for the development server. | |||||
| CVE-2023-3329 | 1 Spidercontrol | 1 Scadawebserver | 2023-08-08 | N/A | 6.5 MEDIUM |
| SpiderControl SCADA Webserver versions 2.08 and prior are vulnerable to path traversal. An attacker with administrative privileges could overwrite files on the webserver using the HMI's upload file feature. This could create size zero files anywhere on the webserver, potentially overwriting system files and creating a denial-of-service condition. | |||||
| CVE-2022-26838 | 1 Cybozu | 1 Remote Service Manager | 2023-08-08 | N/A | 6.5 MEDIUM |
| Path traversal vulnerability in Importing Mobile Device Data of Cybozu Remote Service 3.1.2 allows a remote authenticated attacker to cause a denial-of-service (DoS) condition. | |||||
| CVE-2022-30804 | 1 Elitecms | 1 Elite Cms | 2023-08-08 | 5.5 MEDIUM | 6.5 MEDIUM |
| elitecms v1.01 is vulnerable to Delete any file via /admin/delete_image.php?file=. | |||||
| CVE-2022-3060 | 1 Gitlab | 1 Gitlab | 2023-08-08 | N/A | 7.3 HIGH |
| Improper control of a resource identifier in Error Tracking in GitLab CE/EE affecting all versions from 12.7 allows an authenticated attacker to generate content which could cause a victim to make unintended arbitrary requests | |||||
| CVE-2022-38638 | 1 Casbin | 1 Casdoor | 2023-08-08 | N/A | 9.1 CRITICAL |
| Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource. | |||||
| CVE-2022-42977 | 1 Atlassian | 1 Confluence Data Center | 2023-08-08 | N/A | 7.5 HIGH |
| The Netic User Export add-on before 1.3.5 for Atlassian Confluence has the functionality to generate a list of users in the application, and export it. During export, the HTTP request has a fileName parameter that accepts any file on the system (e.g., an SSH private key) to be downloaded. | |||||
| CVE-2022-29281 | 1 Notable | 1 Notable | 2023-08-08 | 6.8 MEDIUM | 8.8 HIGH |
| Notable before 1.9.0-beta.8 doesn't effectively prevent the opening of executable files when clicking on a link. There is improper validation of the file URI scheme. A hyperlink to an SMB share could lead to execution of an arbitrary program (or theft of NTLM credentials via an SMB relay attack, because the application resolves UNC paths). | |||||
| CVE-2022-31475 | 1 Givewp | 1 Givewp | 2023-08-08 | N/A | 4.9 MEDIUM |
| Authenticated (custom plugin role) Arbitrary File Read via Export function vulnerability in GiveWP's GiveWP plugin <= 2.20.2 at WordPress. | |||||
| CVE-2021-23484 | 1 Zip-local Project | 1 Zip-local | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| The package zip-local before 0.3.5 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) which can lead to an extraction of a crafted file outside the intended extraction directory. | |||||
| CVE-2022-1128 | 2 Google, Microsoft | 2 Chrome, Windows | 2023-08-08 | N/A | 6.5 MEDIUM |
| Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2022-35235 | 1 Xplodedthemes | 1 Wpide - File Manager \& Code Editor | 2023-08-08 | N/A | 4.9 MEDIUM |
| Authenticated (admin+) Arbitrary File Read vulnerability in XplodedThemes WPide plugin <= 2.6 at WordPress. | |||||
| CVE-2022-20962 | 1 Cisco | 1 Identity Services Engine | 2023-08-08 | N/A | 8.8 HIGH |
| A vulnerability in the Localdisk Management feature of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to make unauthorized changes to the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted HTTP request with absolute path sequences. A successful exploit could allow the attacker to upload malicious files to arbitrary locations within the file system. Using this method, it is possible to access the underlying operating system and execute commands with system privileges. | |||||
| CVE-2022-38258 | 1 Dlink | 2 Dir-819, Dir-819 Firmware | 2023-08-08 | N/A | 8.1 HIGH |
| A local file inclusion (LFI) vulnerability in D-Link DIR 819 v1.06 allows attackers to cause a Denial of Service (DoS) or access sensitive server information via manipulation of the getpage parameter in a crafted web request. | |||||
| CVE-2022-44280 | 1 Automotive Shop Management System Project | 1 Automotive Shop Management System | 2023-08-08 | N/A | 6.5 MEDIUM |
| Automotive Shop Management System v1.0 is vulnerable to Delete any file via /asms/classes/Master.php?f=delete_img. | |||||
| CVE-2022-37042 | 1 Zimbra | 1 Collaboration | 2023-08-08 | N/A | 9.8 CRITICAL |
| Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypassing authentication (i.e., not having an authtoken), an attacker can upload arbitrary files to the system, leading to directory traversal and remote code execution. NOTE: this issue exists because of an incomplete fix for CVE-2022-27925. | |||||
| CVE-2022-28741 | 1 Aenrich | 1 A\+hrd | 2023-08-08 | N/A | 8.1 HIGH |
| aEnrich a+HRD 5.x Learning Management Key Performance Indicator System has a local file inclusion (LFI) vulnerability that occurs due to missing input validation in v5.x | |||||
| CVE-2022-36687 | 1 Ingredient Stock Management System Project | 1 Ingredient Stock Management System | 2023-08-08 | N/A | 6.5 MEDIUM |
| Ingredients Stock Management System v1.0 was discovered to contain an arbitrary file deletion vulnerability via the component /classes/Master.php?f=delete_img. | |||||
| CVE-2022-41352 | 1 Zimbra | 1 Collaboration | 2023-08-08 | N/A | 9.8 CRITICAL |
| An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavisd via a cpio loophole (extraction to /opt/zimbra/jetty/webapps/zimbra/public) that can lead to incorrect access to any other user accounts. Zimbra recommends pax over cpio. Also, pax is in the prerequisites of Zimbra on Ubuntu; however, pax is no longer part of a default Red Hat installation after RHEL 6 (or CentOS 6). Once pax is installed, amavisd automatically prefers it over cpio. | |||||
| CVE-2022-29464 | 1 Wso2 | 5 Api Manager, Enterprise Integrator, Identity Server and 2 more | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Certain WSO2 products allow unrestricted file upload with resultant remote code execution. The attacker must use a /fileupload endpoint with a Content-Disposition directory traversal sequence to reach a directory under the web root, such as a ../../../../repository/deployment/server/webapps directory. This affects WSO2 API Manager 2.2.0 and above through 4.0.0; WSO2 Identity Server 5.2.0 and above through 5.11.0; WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0, and 5.6.0; WSO2 Identity Server as Key Manager 5.3.0 and above through 5.10.0; and WSO2 Enterprise Integrator 6.2.0 and above through 6.6.0. | |||||
| CVE-2022-21999 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-30508 | 1 Dedecms | 1 Dedecms | 2023-08-08 | 5.5 MEDIUM | 6.5 MEDIUM |
| DedeCMS v5.7.93 was discovered to contain arbitrary file deletion vulnerability in upload.php via the delete parameter. | |||||
| CVE-2022-30321 | 1 Hashicorp | 1 Go-getter | 2023-08-08 | 7.5 HIGH | 8.6 HIGH |
| go-getter up to 1.5.11 and 2.0.2 allowed arbitrary host access via go-getter path traversal, symlink processing, and command injection flaws. Fixed in 1.6.1 and 2.1.0. | |||||
| CVE-2021-38163 | 1 Sap | 1 Netweaver | 2023-08-08 | 9.0 HIGH | 8.8 HIGH |
| SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with the privilege of the Java Server process. These commands can be used to read or modify any information on the server or shut the server down making it unavailable. | |||||
| CVE-2022-32409 | 1 Softwarepublico | 1 I3geo | 2023-08-08 | N/A | 9.8 CRITICAL |
| A local file inclusion (LFI) vulnerability in the component codemirror.php of Portal do Software Publico Brasileiro i3geo v7.0.5 allows attackers to execute arbitrary PHP code via a crafted HTTP request. | |||||
| CVE-2021-22005 | 1 Vmware | 2 Cloud Foundation, Vcenter Server | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file. | |||||
| CVE-2022-26019 | 1 Netgate | 2 Pfsense, Pfsense Plus | 2023-08-08 | 8.5 HIGH | 8.8 HIGH |
| Improper access control vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change NTP GPS settings to rewrite existing files on the file system, which may result in arbitrary command execution. | |||||
| CVE-2022-32328 | 1 Fast Food Ordering System Project | 1 Fast Food Ordering System | 2023-08-08 | 6.4 MEDIUM | 9.1 CRITICAL |
| Fast Food Ordering System v1.0 is vulnerable to Delete any file. via /ffos/classes/Master.php?f=delete_img. | |||||
| CVE-2022-4779 | 1 Elvexys | 1 Streamx | 2023-08-08 | N/A | 9.8 CRITICAL |
| StreamX applications from versions 6.02.01 to 6.04.34 are affected by a logic bug that allows to bypass the implemented authentication scheme. StreamX applications using StreamView HTML component with the public web server feature activated are affected. | |||||
| CVE-2022-29081 | 1 Zohocorp | 3 Manageengine Access Manager Plus, Manageengine Pam360, Manageengine Password Manager Pro | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pro before 12007, and PAM360 before 5401 are vulnerable to access-control bypass on a few Rest API URLs (for SSOutAction. SSLAction. LicenseMgr. GetProductDetails. GetDashboard. FetchEvents. and Synchronize) via the ../RestAPI substring. | |||||
| CVE-2021-21972 | 1 Vmware | 2 Cloud Foundation, Vcenter Server | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2). | |||||
| CVE-2022-25856 | 1 Argo Events Project | 1 Argo Events | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| The package github.com/argoproj/argo-events/sensors/artifacts before 1.7.1 are vulnerable to Directory Traversal in the (g *GitArtifactReader).Read() API in git.go. This could allow arbitrary file reads if the GitArtifactReader is provided a pathname containing a symbolic link or an implicit directory name such as ... | |||||
| CVE-2022-27925 | 1 Zimbra | 1 Collaboration | 2023-08-08 | 6.5 MEDIUM | 7.2 HIGH |
| Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. An authenticated user with administrator rights has the ability to upload arbitrary files to the system, leading to directory traversal. | |||||
| CVE-2022-47945 | 1 Thinkphp | 1 Thinkphp | 2023-08-08 | N/A | 9.8 CRITICAL |
| ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled (lang_switch_on=true). An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php. | |||||
| CVE-2022-46900 | 1 Vocera | 2 Report Server, Voice Server | 2023-08-08 | N/A | 6.5 MEDIUM |
| An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to modify these entries and set the executable path and parameters. | |||||
| CVE-2023-38956 | 1 Zkteco | 1 Bioaccess Ivs | 2023-08-07 | N/A | 7.5 HIGH |
| A path traversal vulnerability in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload. | |||||
| CVE-2023-31427 | 1 Broadcom | 1 Fabric Operating System | 2023-08-07 | N/A | 7.8 HIGH |
| Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 Could allow an authenticated, local user with knowledge of full path names inside Brocade Fabric OS to execute any command regardless of assigned privilege. Starting with Fabric OS v9.1.0, “root” account access is disabled. | |||||
| CVE-2023-33369 | 1 Assaabloy | 1 Control Id Idsecure | 2023-08-07 | N/A | 9.1 CRITICAL |
| A path traversal vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing attackers to delete arbitrary files on IDSecure filesystem, causing a denial of service. | |||||
| CVE-2023-3385 | 1 Gitlab | 1 Gitlab | 2023-08-04 | N/A | 6.5 MEDIUM |
| An issue has been discovered in GitLab affecting all versions starting from 8.10 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. Under specific circumstances, a user importing a project 'from export' could access and read unrelated files via uploading a specially crafted file. This was due to a bug in `tar`, fixed in [`tar-1.35`](https://lists.gnu.org/archive/html/info-gnu/2023-07/msg00005.html). | |||||
| CVE-2022-46902 | 1 Vocera | 2 Report Server, Voice Server | 2023-08-04 | N/A | 7.5 HIGH |
| An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is a Path Traversal for an Unzip operation. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL import file. During the unzip operation, the code takes file paths from the ZIP archive and writes them to a Vocera temporary directory. Unfortunately, the code does not properly check if the file paths include directory traversal payloads that would escape the intended destination. | |||||
| CVE-2023-35016 | 1 Ibm | 1 Security Verify Governance | 2023-08-04 | N/A | 6.5 MEDIUM |
| IBM Security Verify Governance, Identity Manager 10.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 257772. | |||||
| CVE-2022-42182 | 1 Precisely | 1 Spectrum Spatial Analyst | 2023-08-04 | N/A | 5.3 MEDIUM |
| Precisely Spectrum Spatial Analyst 20.01 is vulnerable to Directory Traversal. | |||||
| CVE-2023-37218 | 1 Tadirantele | 1 Aeonix | 2023-08-04 | N/A | 7.5 HIGH |
| Tadiran Telecom Aeonix - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | |||||
| CVE-2022-31457 | 1 Rtx Trap Project | 1 Rtx Trap | 2023-08-02 | N/A | 7.5 HIGH |
| RTX TRAP v1.0 allows attackers to perform a directory traversal via a crafted request sent to the endpoint /data/. | |||||
| CVE-2008-0615 | 1 Dmsguestbook Project | 1 Dmsguestbook | 2023-08-02 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in wp-admin/admin.php in the DMSGuestbook 1.8.0 and 1.7.0 plugin for WordPress allows remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) folder and (2) file parameters. | |||||
| CVE-2007-4559 | 1 Python | 1 Python | 2023-08-02 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267. | |||||