Total
8266 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-33510 | 1 Jeecg P3 Biz Chat Project | 1 Jeecg P3 Biz Chat | 2025-01-07 | N/A | 7.5 HIGH |
|
Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files through specific parameters.
|
|||||
| CVE-2024-56286 | 2025-01-07 | N/A | 7.5 HIGH | ||
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Classic Addons Classic Addons – WPBakery Page Builder allows PHP Local File Inclusion.This issue affects Classic Addons – WPBakery Page Builder: from n/a through 3.0.
|
|||||
| CVE-2024-12152 | 2025-01-07 | N/A | 7.5 HIGH | ||
|
The MIPL WC Multisite Sync plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.1.5 via the 'mipl_wc_sync_download_log' action. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.
|
|||||
| CVE-2024-12849 | 2025-01-07 | N/A | 7.5 HIGH | ||
|
The Error Log Viewer By WP Guru plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.0.1.3 via the wp_ajax_nopriv_elvwp_log_download AJAX action. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.
|
|||||
| CVE-2023-30198 | 1 Webbax | 1 Winbizpayment | 2025-01-06 | N/A | 7.5 HIGH |
|
Prestashop winbizpayment <= 1.0.2 is vulnerable to Incorrect Access Control via modules/winbizpayment/downloads/download.php.
|
|||||
| CVE-2024-12793 | 1 Pbootcms | 1 Pbootcms | 2025-01-06 | 4.0 MEDIUM | 4.3 MEDIUM |
|
A vulnerability, which was classified as problematic, has been found in PbootCMS up to 5.2.3. Affected by this issue is some unknown functionality of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 5.2.4 is able to address this issue. It is recommended to upgrade the affected component.
|
|||||
| CVE-2023-51640 | 1 Alltena | 1 Allegra | 2025-01-03 | N/A | 4.7 MEDIUM |
|
Allegra extarctZippedFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the extarctZippedFile [sic] method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An a ...
Show More |
|||||
| CVE-2023-51639 | 1 Alltena | 1 Allegra | 2025-01-03 | N/A | 9.8 CRITICAL |
|
Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Allegra. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the downloadExportedChart action. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to bypass authenti ...
Show More |
|||||
| CVE-2023-51647 | 1 Alltena | 1 Allegra | 2025-01-03 | N/A | 4.7 MEDIUM |
|
Allegra saveInlineEdit Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the saveInlineEdit method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can ...
Show More |
|||||
| CVE-2023-51646 | 1 Alltena | 1 Allegra | 2025-01-03 | N/A | 4.7 MEDIUM |
|
Allegra uploadSimpleFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the uploadSimpleFile method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker ...
Show More |
|||||
| CVE-2023-51645 | 1 Alltena | 1 Allegra | 2025-01-03 | N/A | 4.7 MEDIUM |
|
Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the unzipFile method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage t ...
Show More |
|||||
| CVE-2023-51643 | 1 Alltena | 1 Allegra | 2025-01-03 | N/A | 4.7 MEDIUM |
|
Allegra uploadFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the uploadFile method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage ...
Show More |
|||||
| CVE-2023-52334 | 1 Alltena | 1 Allegra | 2025-01-03 | N/A | 6.5 MEDIUM |
|
Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a registration mechanism that can be used to create a user with a sufficient privilege level.
The specific flaw exists within the downloadAttachmentGlobal action. The issue results from the lack of proper va ...
Show More |
|||||
| CVE-2023-52333 | 1 Alltena | 1 Allegra | 2025-01-03 | N/A | 7.3 HIGH |
|
Allegra saveFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a registration mechanism that can be used to create a user with a sufficient privilege level.
The specific flaw exists within the saveFile method. The issue results from the lack of proper validation of a user-supplied path prior to ...
Show More |
|||||
| CVE-2023-52332 | 1 Alltena | 1 Allegra | 2025-01-03 | N/A | 7.5 HIGH |
|
Allegra serveMathJaxLibraries Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the serveMathJaxLibraries method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to discl ...
Show More |
|||||
| CVE-2023-51648 | 1 Alltena | 1 Allegra | 2025-01-03 | N/A | 6.5 MEDIUM |
|
Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the product implements a registration mechanism that can be used to create a new user with a sufficient privilege level.
The specific flaw exists within the getFileContentAsString method. The issue results from the lack of prope ...
Show More |
|||||
| CVE-2024-1703 | 1 Crmeb | 1 Crmeb | 2025-01-03 | 2.7 LOW | 3.5 LOW |
|
A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been classified as problematic. This affects the function openfile of the file /adminapi/system/file/openfile. The manipulation leads to absolute path traversal. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-254391. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2024-1704 | 1 Crmeb | 1 Crmeb | 2025-01-03 | 5.2 MEDIUM | 5.5 MEDIUM |
|
A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been declared as critical. This vulnerability affects the function save/delete of the file /adminapi/system/crud. The manipulation leads to path traversal. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-254392. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2024-12830 | 1 Arista | 1 Ng Firewall | 2025-01-03 | N/A | 7.3 HIGH |
|
Arista NG Firewall custom_handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the implementation of the custom_handler method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vu ...
Show More |
|||||
| CVE-2024-56514 | 2025-01-03 | N/A | N/A | ||
|
Karmada is a Kubernetes management system that allows users to run cloud-native applications across multiple Kubernetes clusters and clouds. Prior to version 1.12.0, both in karmadactl and karmada-operator, it is possible to supply a filesystem path, or an HTTP(s) URL to retrieve the custom resource definitions(CRDs) needed by Karmada. The CRDs are downloaded as a gzipped tarfile and are vulnerable to a TarSlip vulnerability. An attacker able to supply a malicious CRD file into a Karmada initial ...
Show More |
|||||
| CVE-2023-34865 | 2 Linux, Ujcms | 2 Linux Kernel, Ujcms | 2025-01-03 | N/A | 9.8 CRITICAL |
|
Directory traversal vulnerability in ujcms 6.0.2 allows attackers to move files via the rename feature.
|
|||||
| CVE-2021-43783 | 1 Linuxfoundation | 1 Backstage | 2025-01-03 | 5.5 MEDIUM | 8.5 HIGH |
|
@backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. In affected versions a malicious actor with write access to a registered scaffolder template is able to manipulate the template in a way that writes files to arbitrary paths on the scaffolder-backend host instance. This vulnerability can in some situation also be exploited through user input when executing a template, meaning you do not need write access to the templates. This method will not allow ...
Show More |
|||||
| CVE-2024-45816 | 1 Linuxfoundation | 1 Backstage | 2025-01-03 | N/A | 6.5 MEDIUM |
|
Backstage is an open framework for building developer portals. When using the AWS S3 or GCS storage provider for TechDocs it is possible to access content in the entire storage bucket. This can leak contents of the bucket that are not intended to be accessible, as well as bypass permission checks in Backstage. This has been fixed in the 1.10.13 release of the `@backstage/plugin-techdocs-backend` package. All users are advised to upgrade. There are no known workarounds for this vulnerability.
|
|||||
| CVE-2024-27921 | 1 Getgrav | 1 Grav | 2025-01-02 | N/A | 8.8 HIGH |
|
Grav is an open-source, flat-file content management system. A file upload path traversal vulnerability has been identified in the application prior to version 1.7.45, enabling attackers to replace or create files with extensions like .json, .zip, .css, .gif, etc. This critical security flaw poses severe risks, that can allow attackers to inject arbitrary code on the server, undermine integrity of backup files by overwriting existing files or creating new ones, and exfiltrate sensitive data usin ...
Show More |
|||||
| CVE-2024-45401 | 1 Stripe | 1 Stripe Cli | 2025-01-02 | N/A | 7.5 HIGH |
|
stripe-cli is a command-line tool for the payment processor Stripe. A vulnerability exists in stripe-cli starting in version 1.11.1 and prior to version 1.21.3 where a plugin package containing a manifest with a malformed plugin shortname installed using the --archive-url or --archive-path flags can overwrite arbitrary files. The update in version 1.21.3 addresses the path traversal vulnerability by removing the ability to install plugins from an archive URL or path. There has been no evidence o ...
Show More |
|||||
| CVE-2023-29200 | 1 Contao | 1 Contao | 2025-01-02 | N/A | 4.3 MEDIUM |
|
Contao is an open source content management system. Prior to versions 4.9.40, 4.13.21, and 5.1.4, logged in users can list arbitrary system files in the file manager by manipulating the Ajax request. However, it is not possible to read the contents of these files. Users should update to Contao 4.9.40, 4.13.21 or 5.1.4 to receive a patch. There are no known workarounds.
|
|||||
| CVE-2024-56248 | 2025-01-02 | N/A | 4.9 MEDIUM | ||
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Webdeclic WPMasterToolKit allows Path Traversal.This issue affects WPMasterToolKit: from n/a through 1.13.1.
|
|||||
| CVE-2024-54453 | 2024-12-31 | N/A | 7.5 HIGH | ||
|
An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35, 7.10.x through 7.10.0.18, and 7.11.x through 7.11.0.15. A path traversal vulnerability in the DocServlet servlet allows remote attackers to retrieve any file from the Kurmi web application installation folder, e.g., files such as the obfuscated and/or compiled Kurmi source code.
|
|||||
| CVE-2024-56198 | 2024-12-31 | N/A | N/A | ||
|
path-sanitizer is a simple lightweight npm package for sanitizing paths to prevent Path Traversal. Prior to 3.1.0, the filters can be bypassed using .=%5c which results in a path traversal. This vulnerability is fixed in 3.1.0.
|
|||||
| CVE-2024-54452 | 2024-12-28 | N/A | 4.9 MEDIUM | ||
|
An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35 and 7.10.x through 7.10.0.18. A Directory Traversal and Local File Inclusion vulnerability in the logsSys.do page allows remote attackers (authenticated as administrators) to trigger the display of unintended files. Any file accessible to the Kurmi user account could be displayed, e.g., configuration files with information such as the database password.
|
|||||
| CVE-2024-56509 | 2024-12-27 | N/A | 8.6 HIGH | ||
|
changedetection.io is a free open source web page change detection, website watcher, restock monitor and notification service. Improper input validation in the application can allow attackers to perform local file read (LFR) or path traversal attacks. These vulnerabilities occur when user input is used to construct file paths without adequate sanitization or validation. For example, using file:../../../etc/passwd or file: ///etc/passwd can bypass weak validations and allow unauthorized access to ...
Show More |
|||||
| CVE-2024-0113 | 1 Nvidia | 8 Mga100-hs2, Mlnx-gw, Mlnx-os and 5 more | 2024-12-26 | N/A | 7.5 HIGH |
|
NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support, where an attacker can cause a CGI path traversal by a specially crafted URI. A successful exploit of this vulnerability might lead to escalation of privileges and information disclosure.
|
|||||
| CVE-2024-12850 | 2024-12-24 | N/A | 4.9 MEDIUM | ||
|
The Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.32 via the database_backup_ajax_download() function. This makes it possible for authenticated attackers, with administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
|
|||||
| CVE-2024-56331 | 2024-12-20 | N/A | 6.8 MEDIUM | ||
|
Uptime Kuma is an open source, self-hosted monitoring tool. An **Improper URL Handling Vulnerability** allows an attacker to access sensitive local files on the server by exploiting the `file:///` protocol. This vulnerability is triggered via the **"real-browser"** request type, which takes a screenshot of the URL provided by the attacker. By supplying local file paths, such as `file:///etc/passwd`, an attacker can read sensitive data from the server. This vulnerability arises because the system ...
Show More |
|||||
| CVE-2024-7565 | 1 Smartbear | 1 Soapui | 2024-12-19 | N/A | 7.8 HIGH |
|
SMARTBEAR SoapUI unpackageAll Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of SMARTBEAR SoapUI. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the unpackageAll function. The issue results from the lack of proper validation of a user-supplied path prior to using it in file op ...
Show More |
|||||
| CVE-2023-41877 | 1 Geoserver | 1 Geoserver | 2024-12-18 | N/A | 7.2 HIGH |
|
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A path traversal vulnerability in versions 2.23.4 and prior requires GeoServer Administrator with access to the admin console to misconfigure the Global Settings for log file location to an arbitrary location. The admin console GeoServer Logs page provides a preview of these contents. As this issue requires GeoServer administrators access, often representing a trusted party, the vulne ...
Show More |
|||||
| CVE-2024-56142 | 2024-12-18 | N/A | 6.5 MEDIUM | ||
|
pghoard is a PostgreSQL backup daemon and restore tooling that stores backup data in cloud object stores. A vulnerability has been discovered that could allow an attacker to acquire disk access with privileges equivalent to those of pghoard, allowing for unintended path traversal. Depending on the permissions/privileges assigned to pghoard, this could allow disclosure of sensitive information. This issue has been addressed in releases after 2.2.2a. Users are advised to upgrade. There are no know ...
Show More |
|||||
| CVE-2024-41922 | 1 Veertu | 1 Anka Build Cloud | 2024-12-18 | N/A | 7.5 HIGH |
|
A directory traversal vulnerability exists in the log files download functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.
|
|||||
| CVE-2024-41163 | 1 Veertu | 1 Anka Build Cloud | 2024-12-18 | N/A | 7.5 HIGH |
|
A directory traversal vulnerability exists in the archive functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.
|
|||||
| CVE-2024-21547 | 2024-12-18 | N/A | 7.5 HIGH | ||
|
Versions of the package spatie/browsershot before 5.0.2 are vulnerable to Directory Traversal due to URI normalisation in the browser where the file:// check can be bypassed with file:\\. An attacker could read any file on the server by exploiting the normalization of \ into /.
|
|||||