Vulnerabilities (CVE)

Filtered by CWE-22 (Improper Limitation of a Pathname to a Restricted Directory, 'Path Traversal')
Total 8266 CVE
CVE | Vendors (count, names) | Products (count, names) | Updated | CVSS v2 | CVSS v3
CVE-2024-38706 1 Hasthemes 1 Ht Mega 2025-02-05 N/A 6.5 MEDIUM
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in HasThemes HT Mega allows Path Traversal. This issue affects HT Mega: from n/a through 2.5.7.
CVE-2023-26101 1 Progress 1 Flowmon Packet Investigator 2025-02-05 N/A 7.5 HIGH
In Progress Flowmon Packet Investigator before 12.1.0, a Flowmon user with access to Flowmon Packet Investigator could leverage a path-traversal vulnerability to retrieve files on the Flowmon appliance's local filesystem.
CVE-2023-47679 1 Qodeinteractive 1 Qi Addons For Elementor 2025-02-05 N/A 6.4 MEDIUM
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in QODE Interactive Qi Addons For Elementor allows PHP Local File Inclusion. This issue affects Qi Addons For Elementor: from n/a through 1.6.3.
CVE-2024-13409 1 Wpwax 1 Post Grid, Slider & Carousel Ultimate 2025-02-05 N/A 7.5 HIGH
The Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6.10 via the 'theme' parameter of the post_type_ajax_handler() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass acce ...
CVE-2023-31059 1 Repetier-server 1 Repetier-server 2025-02-04 N/A 7.5 HIGH
Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php.
CVE-2024-13550 1 Paulrosen 1 Abc Notation 2025-02-04 N/A 6.5 MEDIUM
The ABC Notation plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 6.1.3 via the 'file' attribute of the 'abcjs' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
CVE-2022-36400 1 Intel 7 Nuc 8 Rugged Kit Nuc8cchkr, Nuc Board Nuc8cchb, Nuc Kit Nuc5pgyh and 4 more 2025-02-04 N/A 6.7 MEDIUM
Path traversal in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-25944 1 Dell 1 Openmanage Enterprise 2025-02-04 N/A 5.7 MEDIUM
Dell OpenManage Enterprise, v4.0 and prior, contain(s) a path traversal vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, to gain unauthorized access to the files stored on the server filesystem, with the privileges of the running web application.
CVE-2024-24908 1 Dell 2 Dm5500, Dm5500 Firmware 2025-02-04 N/A 6.5 MEDIUM
Dell PowerProtect DM5500 version 5.15.0.0 and prior contain an Arbitrary File Delete via Path Traversal vulnerability. A remote attacker with high privileges could potentially exploit this vulnerability to delete arbitrary files stored on the server filesystem.
CVE-2023-23838 2 Microsoft, Solarwinds 2 Windows, Database Performance Analyzer 2025-02-04 N/A 6.5 MEDIUM
Directory traversal and file enumeration vulnerability which allowed users to enumerate to different folders of the server.
CVE-2025-24961 2025-02-03 N/A N/A
org.gaul S3Proxy implements the S3 API and proxies requests. Users of the filesystem and filesystem-nio2 storage backends could unintentionally expose local files to users. This issue has been addressed in version 2.6.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2025-24960 2025-02-03 N/A 8.7 HIGH
Jellystat is a free and open source Statistics App for Jellyfin. In affected versions Jellystat is directly using a user input in the route(s). This can lead to Path Traversal Vulnerabilities. Since this functionality is only for admin(s), there is very little scope for abuse. However, the `DELETE` `files/:filename` can be used to delete any file. This issue has been addressed in version 1.1.3. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2024-57784 2025-02-03 N/A 5.5 MEDIUM
An issue in the component /php/script_uploads.php of Zenitel AlphaWeb XE v11.2.3.10 allows attackers to execute a directory traversal.
CVE-2023-27105 1 Shanling 3 Eddict Player, M2x, Mtouch Os 2025-02-03 N/A 9.8 CRITICAL
A vulnerability in the Wi-Fi file transfer module of Shanling M5S Portable Music Player with Shanling MTouch OS v4.3 and Shanling M2X Portable Music Player with Shanling MTouch OS v3.3 allows attackers to arbitrarily read, delete, or modify any critical system files via directory traversal.
CVE-2023-30265 1 Cltphp 1 Cltphp 2025-02-03 N/A 6.5 MEDIUM
CLTPHP <=6.0 is vulnerable to Directory Traversal.
CVE-2024-3573 1 Lfprojects 1 Mlflow 2025-02-03 N/A 9.3 CRITICAL
mlflow/mlflow is vulnerable to Local File Inclusion (LFI) due to improper parsing of URIs, allowing attackers to bypass checks and read arbitrary files on the system. The issue arises from the 'is_local_uri' function's failure to properly handle URIs with empty or 'file' schemes, leading to the misclassification of URIs as non-local. Attackers can exploit this by crafting malicious model versions with specially crafted 'source' parameters, enabling the reading of sensitive files within at least ...
CVE-2024-1593 1 Lfprojects 1 Mlflow 2025-02-03 N/A 7.5 HIGH
A path traversal vulnerability exists in the mlflow/mlflow repository due to improper handling of URL parameters. By smuggling path traversal sequences using the ';' character in URLs, attackers can manipulate the 'params' portion of the URL to gain unauthorized access to files or directories. This vulnerability allows for arbitrary data smuggling into the 'params' part of the URL, enabling attacks similar to those described in previous reports but utilizing the ';' character for parameter smugg ...
CVE-2024-1594 1 Lfprojects 1 Mlflow 2025-02-03 N/A 7.5 HIGH
A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the `artifact_location` parameter when creating an experiment. Attackers can exploit this vulnerability by using a fragment component `#` in the artifact location URI to read arbitrary files on the server in the context of the server's process. This issue is similar to CVE-2023-6909 but utilizes a different component of the URI to achieve the same effect.
CVE-2024-1560 1 Lfprojects 1 Mlflow 2025-02-03 N/A 8.1 HIGH
A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the artifact deletion functionality. Attackers can bypass path validation by exploiting the double decoding process in the `_delete_artifact_mlflow_artifacts` handler and `local_file_uri_to_path` function, allowing for the deletion of arbitrary directories on the server's filesystem. This vulnerability is due to an extra unquote operation in the `delete_artifacts` function of `local_artifact_repo.py`, whic ...
CVE-2025-24569 2025-02-03 N/A 7.5 HIGH
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RedefiningTheWeb PDF Generator Addon for Elementor Page Builder allows Path Traversal. This issue affects PDF Generator Addon for Elementor Page Builder: from n/a through 1.7.5.
CVE-2025-23819 2025-02-03 N/A 7.5 HIGH
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NotFound WP Cloud allows Absolute Path Traversal. This issue affects WP Cloud: from n/a through 1.4.3.
CVE-2024-1558 1 Lfprojects 1 Mlflow 2025-02-03 N/A 7.5 HIGH
A path traversal vulnerability exists in the `_create_model_version()` function within `server/handlers.py` of the mlflow/mlflow repository, due to improper validation of the `source` parameter. Attackers can exploit this vulnerability by crafting a `source` parameter that bypasses the `_validate_non_local_source_contains_relative_paths(source)` function's checks, allowing for arbitrary file read access on the server. The issue arises from the handling of unquoted URL characters and the subseque ...
CVE-2024-1483 1 Lfprojects 1 Mlflow 2025-02-03 N/A 7.5 HIGH
A path traversal vulnerability exists in mlflow/mlflow version 2.9.2, allowing attackers to access arbitrary files on the server. By crafting a series of HTTP POST requests with specially crafted 'artifact_location' and 'source' parameters, using a local URI with '#' instead of '?', an attacker can traverse the server's directory structure. The issue occurs due to insufficient validation of user-supplied input in the server's handlers.
CVE-2025-24891 2025-01-31 N/A 9.6 CRITICAL
Dumb Drop is a file upload application. Users with permission to upload to the service are able to exploit a path traversal vulnerability to overwrite arbitrary system files. As the container runs as root by default, there is no limit to what can be overwritten. With this, it's possible to inject malicious payloads into files run on a schedule or upon certain service actions. As the service is not required to run with authentication enabled, this may permit wholly unprivileged users root access. O ...
CVE-2024-57728 1 Simple-help 1 Simplehelp 2025-01-31 N/A 7.2 HIGH
SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e. zip slip). This can be exploited to execute arbitrary code on the host in the context of the SimpleHelp server user.
CVE-2023-31483 1 Cauldrondevelopment 1 Cbang 2025-01-31 N/A 7.5 HIGH
tar/TarFileReader.cpp in Cauldron cbang before bastet-v8.1.17 has a directory traversal during extraction that allows the attacker to create or write to files outside the current directory via a crafted tar archive.
CVE-2023-30380 1 Dedecms 1 Dedecms 2025-01-31 N/A 7.5 HIGH
An issue in the component /dialog/select_media.php of DedeCMS v5.7.107 allows attackers to execute a directory traversal.
CVE-2023-26243 1 Hyundai 2 Gen5w L In-vehicle Infotainment System, Gen5w L In-vehicle Infotainment System Firmware 2025-01-31 N/A 7.8 HIGH
An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR.S5W_L001.001.211214. The decryption binary used to decrypt firmware files has an information leak that allows an attacker to read the AES key and initialization vector from memory. An attacker may exploit this to create custom firmware that may be installed in the IVI system. Then, an attacker may be able to install a backdoor in the IVI system that may allow him to control it, if it is connected to the Int ...
CVE-2017-20184 1 Gavazzionline 1 Powersoft 2025-01-31 N/A 7.5 HIGH
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Carlo Gavazzi Powersoft up to version 2.1.1.1 allows an unauthenticated, remote attacker to download any file from the affected device.
CVE-2024-13671 1 Partitionnumerique 1 Music Sheet Viewer 2025-01-31 N/A 7.5 HIGH
The Music Sheet Viewer plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 4.1 via the read_score_file() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.
CVE-2024-46664 1 Fortinet 1 Fortirecorder 2025-01-31 N/A 5.5 MEDIUM
A relative path traversal in Fortinet FortiRecorder [CWE-23] version 7.2.0 through 7.2.1 and before 7.0.4 allows a privileged attacker to read files from the underlying filesystem via crafted HTTP or HTTPS requests.
CVE-2024-36512 1 Fortinet 2 Fortianalyzer, Fortimanager 2025-01-31 N/A 7.2 HIGH
An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer 7.4.0 through 7.4.3 and 7.2.0 through 7.2.5 and 7.0.2 through 7.0.12 and 6.2.10 through 6.2.13 allows an attacker to execute unauthorized code or commands via crafted HTTP or HTTPS requests.
CVE-2024-47566 1 Fortinet 1 Fortirecorder 2025-01-31 N/A 5.1 MEDIUM
An improper limitation of a pathname to a restricted directory ('path traversal') [CWE-23] in Fortinet FortiRecorder version 7.2.0 through 7.2.1 and before 7.0.4 allows a privileged attacker to delete files from the underlying filesystem via crafted CLI requests.
CVE-2023-30507 1 Arubanetworks 1 Edgeconnect Enterprise 2025-01-31 N/A 4.9 MEDIUM
Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities results in the ability to read arbitrary files on the underlying operating system, including sensitive system files.
CVE-2024-54154 1 Jetbrains 1 Youtrack 2025-01-31 N/A 8.0 HIGH
In JetBrains YouTrack before 2024.3.51866, system takeover was possible through path traversal in the plugin sandbox.
CVE-2023-28413 1 Snow Monkey Forms Project 1 Snow Monkey Forms 2025-01-31 N/A 9.8 CRITICAL
Directory traversal vulnerability in Snow Monkey Forms versions v5.0.6 and earlier allows a remote unauthenticated attacker to obtain sensitive information, alter the website, or cause a denial-of-service (DoS) condition.
CVE-2023-27507 1 Microengine 1 Mailform 2025-01-31 N/A 9.8 CRITICAL
MicroEngine Mailform version 1.1.0 to 1.1.8 contains a path traversal vulnerability. If the product's file upload function and server save option are enabled, a remote attacker may save an arbitrary file on the server and execute it.
CVE-2023-27067 1 Sitecore 1 Experience Platform 2025-01-31 N/A 7.5 HIGH
Directory Traversal vulnerability in Sitecore Experience Platform through 10.2 allows remote attackers to download arbitrary files via a crafted command to download.aspx.
CVE-2023-27066 1 Sitecore 1 Experience Platform 2025-01-31 N/A 6.5 MEDIUM
Directory Traversal vulnerability in Site Core Experience Platform 10.2 and earlier allows authenticated remote attackers to download arbitrary files via Urlhandle.
CVE-2024-13720 1 Ivanm 1 Wp Image Uploader 2025-01-30 N/A 8.8 HIGH
The WP Image Uploader plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the gky_image_uploader_main_function() function in all versions up to, and including, 1.0.1. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).