Total
8266 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-26601 | 1 Impresscms | 1 Impresscms | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
|
ImpressCMS before 1.4.3 allows libraries/image-editor/image-edit.php image_temp Directory Traversal.
|
|||||
| CVE-2021-26575 | 1 Hpe | 2 Apollo 70 System, Baseboard Management Controller | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a path traversal vulnerability in libifc.so webdeletesolvideofile function.
|
|||||
| CVE-2021-26574 | 1 Hpe | 2 Apollo 70 System, Baseboard Management Controller | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a path traversal vulnerability in libifc.so webdeletevideofile function.
|
|||||
| CVE-2021-26504 | 1 Dgtl | 1 Huemagic | 2024-11-21 | N/A | 7.5 HIGH |
|
Directory Traversal vulnerability in Foddy node-red-contrib-huemagic version 3.0.0, allows remote attackers to gain sensitive information via crafted request in res.sendFile API in hue-magic.js.
|
|||||
| CVE-2021-26294 | 1 Afterlogic | 2 Aurora, Webmail Pro | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered in AfterLogic Aurora through 7.7.9 and WebMail Pro through 7.7.9. They allow directory traversal to read files (such as a data/settings/settings.xml file containing admin panel credentials), as demonstrated by dav/server.php/files/personal/%2e%2e when using the caldav_public_user account (with caldav_public_user as its password).
|
|||||
| CVE-2021-26293 | 1 Afterlogic | 2 Aurora, Webmail Pro | 2024-11-21 | 6.8 MEDIUM | 9.8 CRITICAL |
|
An issue was discovered in AfterLogic Aurora through 8.5.3 and WebMail Pro through 8.5.3, when DAV is enabled. They allow directory traversal to create new files (such as an executable file under the web root). This is related to DAVServer.php in 8.x and DAV/Server.php in 7.x.
|
|||||
| CVE-2021-26028 | 1 Joomla | 1 Joomla\! | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
An issue was discovered in Joomla! 3.0.0 through 3.9.24. Extracting an specifilcy crafted zip package could write files outside of the intended path.
|
|||||
| CVE-2021-25864 | 1 Dgtl | 1 Huemagic | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file.
|
|||||
| CVE-2021-25833 | 1 Onlyoffice | 1 Document Server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
A file extension handling issue was found in [server] module of ONLYOFFICE DocumentServer v4.2.0.71-v5.6.0.21. The file extension is controlled by an attacker through the request data and leads to arbitrary file overwriting. Using this vulnerability, a remote attacker can obtain remote code execution on DocumentServer.
|
|||||
| CVE-2021-25511 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 6.3 MEDIUM |
|
An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows attackers to write arbitrary files via a path traversal vulnerability.
|
|||||
| CVE-2021-25485 | 1 Google | 1 Android | 2024-11-21 | 5.8 MEDIUM | 7.5 HIGH |
|
Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Oct-2021 Release 1 allows attackers to write file as system UID via BT remote socket.
|
|||||
| CVE-2021-25452 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
An improper input validation vulnerability in loading graph file in DSP driver prior to SMR Sep-2021 Release 1 allows attackers to perform permanent denial of service on the device.
|
|||||
| CVE-2021-25450 | 1 Google | 1 Android | 2024-11-21 | 3.3 LOW | 4.5 MEDIUM |
|
Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Sep-2021 Release 1 allows attackers to write file as system uid via remote socket.
|
|||||
| CVE-2021-25367 | 1 Samsung | 1 Notes | 2024-11-21 | 5.5 MEDIUM | 3.7 LOW |
|
Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission.
|
|||||
| CVE-2021-25361 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.9 HIGH |
|
An improper access control vulnerability in stickerCenter prior to SMR APR-2021 Release 1 allows local attackers to read or write arbitrary files of system process via untrusted applications.
|
|||||
| CVE-2021-25311 | 1 Wisc | 1 Htcondor | 2024-11-21 | 9.0 HIGH | 9.9 CRITICAL |
|
condor_credd in HTCondor before 8.9.11 allows Directory Traversal outside the SEC_CREDENTIAL_DIRECTORY_OAUTH directory, as demonstrated by creating a file under /etc that will later be executed by root.
|
|||||
| CVE-2021-25282 | 3 Debian, Fedoraproject, Saltstack | 3 Debian Linux, Fedora, Salt | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal.
|
|||||
| CVE-2021-25140 | 1 Hp | 1 Moonshot Provisioning Manager | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager v1.20. The HPE Moonshot Provisioning Manager is an application that is installed in a VMWare or Microsoft Hyper-V environment that is used to setup and configure an HPE Moonshot 1500 chassis. This vulnerability could be remotely exploited by an unauthenticated user to cause a directory traversal in user supplied input to the `khuploadfile.cgi` CGI ELF. The directory traversal could lead to Remote Code ...
Show More |
|||||
| CVE-2021-25129 | 1 Hpe | 10 Cloudline Cl3100 Gen10 Server, Cloudline Cl3100 Gen10 Server Firmware, Cloudline Cl4100 Gen10 Server and 7 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice getvideodata_func function path traversal vulnerability.
|
|||||
| CVE-2021-25128 | 1 Hpe | 10 Cloudline Cl3100 Gen10 Server, Cloudline Cl3100 Gen10 Server Firmware, Cloudline Cl4100 Gen10 Server and 7 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice gethelpdata_func function path traversal vulnerability.
|
|||||
| CVE-2021-25125 | 1 Hpe | 10 Cloudline Cl3100 Gen10 Server, Cloudline Cl3100 Gen10 Server Firmware, Cloudline Cl4100 Gen10 Server and 7 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice delsolrecordedvideo_func function path traversal vulnerability.
|
|||||
| CVE-2021-25124 | 1 Hpe | 10 Cloudline Cl3100 Gen10 Server, Cloudline Cl3100 Gen10 Server Firmware, Cloudline Cl4100 Gen10 Server and 7 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice deletevideo_func function path traversal vulnerability.
|
|||||
| CVE-2021-25082 | 1 Sygnoos | 1 Popup Builder | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
The Popup Builder WordPress plugin before 4.0.7 does not validate and sanitise the sgpb_type parameter before using it in a require statement, leading to a Local File Inclusion issue. Furthermore, since the beginning of the string can be controlled, the issue can lead to RCE vulnerability via wrappers such as PHAR
|
|||||
| CVE-2021-25021 | 1 Ffw | 1 Optimize My Google Fonts | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
|
The OMGF | Host Google Fonts Locally WordPress plugin before 4.5.12 does not validate the cache directory setting, allowing high privilege users to use a path traversal vector and delete arbitrary folders when uninstalling the plugin
|
|||||
| CVE-2021-25020 | 1 Daan | 1 Complete Analytics Optimization Suite | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
|
The CAOS | Host Google Analytics Locally WordPress plugin before 4.1.9 does not validate the cache directory setting, allowing high privilege users to use a path traversal vector and delete arbitrary folders when uninstalling the plugin
|
|||||
| CVE-2021-24970 | 1 Plugins360 | 1 All-in-one Video Gallery | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
The All-in-One Video Gallery WordPress plugin before 2.5.0 does not sanitise and validate the tab parameter before using it in a require statement in the admin dashboard, leading to a Local File Inclusion issue
|
|||||
| CVE-2021-24962 | 1 Iptanus | 2 Wordpress File Upload, Wordpress File Upload Pro | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
The WordPress File Upload Free and Pro WordPress plugins before 4.16.3 allow users with a role as low as Contributor to perform path traversal via a shortcode argument, which can then be used to upload a PHP code disguised as an image inside the auto-loaded directory of the plugin, resulting in arbitrary code execution.
|
|||||
| CVE-2021-24820 | 1 Bold-themes | 1 Cost Calculator | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
The Cost Calculator WordPress plugin through 1.6 allows authenticated users (Contributor+ in versions < 1.5, and Admin+ in versions <= 1.6) to perform path traversal and local PHP file inclusion on Windows Web Servers via the Cost Calculator post's Layout
|
|||||
| CVE-2021-24761 | 1 Bestwebsoft | 1 Error Log Viewer | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
The Error Log Viewer WordPress plugin before 1.1.2 does not perform nonce check when deleting a log file and does not have path traversal prevention, which could allow attackers to make a logged in admin delete arbitrary text files on the web server.
|
|||||
| CVE-2021-24692 | 1 Tipsandtricks-hq | 1 Simple Download Monitor | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
The Simple Download Monitor WordPress plugin before 3.9.5 allows users with a role as low as Contributor to download any file on the web server (such as wp-config.php) via a path traversal vector.
|
|||||
| CVE-2021-24689 | 1 Wpeverest | 1 Contact Form | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
|
The Contact Forms - Drag & Drop Contact Form Builder WordPress plugin through 1.0.5 allows high privilege users to download arbitrary files from the web server via a path traversal attack
|
|||||
| CVE-2021-24644 | 1 Imagestowebp Project | 1 Images To Webp | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include() function, which could lead to a Local File Inclusion issue
|
|||||
| CVE-2021-24639 | 1 Ffw | 1 Omgf | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
|
The OMGF WordPress plugin before 4.5.4 does not enforce path validation, authorisation and CSRF checks in the omgf_ajax_empty_dir AJAX action, which allows any authenticated users to delete arbitrary files or folders on the server.
|
|||||
| CVE-2021-24638 | 1 Ffw | 1 Omgf | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
The OMGF WordPress plugin before 4.5.4 does not escape or validate the handle parameter of the REST API, which allows unauthenticated users to perform path traversal and overwrite arbitrary CSS file with Google Fonts CSS, or download fonts uploaded on Google Fonts website.
|
|||||
| CVE-2021-24549 | 1 Aceide Project | 1 Aceide | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
|
The AceIDE WordPress plugin through 2.6.2 does not sanitise or validate the user input which is appended to system paths before using it in various actions, such as to read arbitrary files from the server. This allows high privilege users such as administrator to access any file on the web server outside of the blog directory via a path traversal attack.
|
|||||
| CVE-2021-24453 | 1 Include Me Project | 1 Include Me | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
|
The Include Me WordPress plugin through 1.2.1 is vulnerable to path traversal / local file inclusion, which can lead to Remote Code Execution (RCE) of the system due to log poisoning and therefore potentially a full compromise of the underlying structure
|
|||||
| CVE-2021-24447 | 1 Silkypress | 1 Wp Image Zoom | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
The WP Image Zoom WordPress plugin before 1.47 did not validate its tab parameter before using it in the include_once() function, leading to a local file inclusion issue in the admin dashboard
|
|||||
| CVE-2021-24375 | 1 Stockware | 1 Motor | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Lack of authentication or validation in motor_load_more, motor_gallery_load_more, motor_quick_view and motor_project_quick_view AJAX handlers of the Motor WordPress theme before 3.1.0 allows an unauthenticated attacker access to arbitrary files in the server file system, and to execute arbitrary php scripts found on the server file system. We found no vulnerability for uploading files with this theme, so any scripts to be executed must already be on the server file system.
|
|||||
| CVE-2021-24363 | 1 10web | 1 Photo Gallery | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
|
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.75 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images/SVG anywhere in the filesystem via a path traversal vector
|
|||||
| CVE-2021-24242 | 1 Themeum | 1 Tutor Lms | 2024-11-21 | 5.5 MEDIUM | 3.8 LOW |
|
The Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.8 is affected by a local file inclusion vulnerability through the maliciously constructed sub_page parameter of the plugin's Tools, allowing high privilege users to include any local php file
|
|||||