Total
8266 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-19229 | 1 Fronius | 132 Datamanager Box 2.0, Datamanager Box 2.0 Firmware, Eco 25.0-3-s and 129 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
admincgi-bin/service.fcgi on Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allows action=download&filename= Directory Traversal.
|
|||||
| CVE-2019-19141 | 1 Plex | 1 Media Server | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
The Camera Upload functionality in Plex Media Server through 1.18.2.2029 allows remote authenticated users to write files anywhere the user account running the Plex Media Server has permissions. This allows remote code execution via a variety of methods, such as (on a default Ubuntu installation) creating a .ssh folder in the plex user's home directory via directory traversal, uploading an SSH authorized_keys file there, and logging into the host as the Plex user via SSH.
|
|||||
| CVE-2019-19102 | 1 Br-automation | 1 Automation Studio | 2024-11-21 | 5.0 MEDIUM | 5.5 MEDIUM |
|
A directory traversal vulnerability in SharpZipLib used in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x and 4.2.x allow unauthenticated users to write to certain local directories. The vulnerability is also known as zip slip.
|
|||||
| CVE-2019-19088 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Gitlab Enterprise Edition (EE) 11.3 through 12.4.2 allows Directory Traversal.
|
|||||
| CVE-2019-18978 | 3 Canonical, Debian, Rack-cors Project | 3 Ubuntu Linux, Debian Linux, Rack-cors | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
An issue was discovered in the rack-cors (aka Rack CORS Middleware) gem before 1.0.4 for Ruby. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format.
|
|||||
| CVE-2019-18951 | 1 Sibsoft | 1 Xfilesharing | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
SibSoft Xfilesharing through 2.5.1 allows op=page&tmpl=../ directory traversal to read arbitrary files.
|
|||||
| CVE-2019-18924 | 1 Systematic | 1 Iris Webforms | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
Systematic IRIS WebForms 5.4 is vulnerable to directory traversal. By manipulating variables that reference files with ../ (and variations), it is possible to list all the directories and check if a particular file exists.
|
|||||
| CVE-2019-18922 | 1 Alliedtelesis | 2 At-gs950\/8, At-gs950\/8 Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
A Directory Traversal in the Web interface of the Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 [1.00.047] allows unauthenticated attackers to read arbitrary system files via a GET request. NOTE: This is an End-of-Life product.
|
|||||
| CVE-2019-18871 | 1 Blaauwproducts | 1 Remote Kiln Control | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
A path traversal in debug.php accessed via default.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to upload arbitrary files, leading to arbitrary remote code execution.
|
|||||
| CVE-2019-18870 | 1 Blaauwproducts | 1 Remote Kiln Control | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
A path traversal via the iniFile parameter in excel.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to download arbitrary files from the host machine.
|
|||||
| CVE-2019-18665 | 1 Secudos | 1 Domos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion.
|
|||||
| CVE-2019-18393 | 1 Igniterealtime | 1 Openfire | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
PluginServlet.java in Ignite Realtime Openfire through 4.4.2 does not ensure that retrieved files are located under the Openfire home directory, aka a directory traversal vulnerability.
|
|||||
| CVE-2019-18371 | 1 Mi | 2 Millet Router 3g, Millet Router 3g Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. There is a directory traversal vulnerability to read arbitrary files via a misconfigured NGINX alias, as demonstrated by api-third-party/download/extdisks../etc/config/account. With this vulnerability, the attacker can bypass authentication.
|
|||||
| CVE-2019-18338 | 1 Siemens | 2 Sinvr 3 Central Control Server, Sinvr 3 Video Server | 2024-11-21 | 4.0 MEDIUM | 7.7 HIGH |
|
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contains a directory traversal
vulnerability in its XML-based communication protocol as provided by default
on ports 5444/tcp and 5440/tcp.
An authenticated remote attacker with network access to the CCS server
could exploit this vulnerability to list arbitrary directories
or read files outside of the CCS application context.
|
|||||
| CVE-2019-18253 | 1 Hitachienergy | 2 Relion 670, Relion 670 Firmware | 2024-11-21 | 7.5 HIGH | 10.0 CRITICAL |
|
An attacker could use specially crafted paths in a specific request to read or delete files from Relion 670 Series (versions 1p1r26, 1.2.3.17, 2.0.0.10, RES670 2.0.0.4, 2.1.0.1, and prior) outside the intended directory.
|
|||||
| CVE-2019-18212 | 3 Eclipse, Theia Xml Extension Project, Xml Language Server Project | 3 Wild Web Developer, Theia Xml Extension, Xml Server Project | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
XMLLanguageService.java in XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows a remote attacker to write to arbitrary files via Directory Traversal.
|
|||||
| CVE-2019-18189 | 1 Trendmicro | 3 Apex One, Officescan, Worry-free Business Security | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (11.0, XG) and Worry-Free Business Security (9.5, 10.0) may allow an attacker to bypass authentication and log on to an affected product's management console as a root user. The vulnerability does not require authentication.
|
|||||
| CVE-2019-17662 | 1 Cybelsoft | 1 Thinvnc | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
|
ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a compromise of the VNC server. The vulnerability exists even when authentication is turned on during the deployment of the VNC server. The password for authentication is stored in cleartext in a file that can be read via a ../../ThinVnc.ini directory traversal attack vector.
|
|||||
| CVE-2019-17640 | 1 Eclipse | 1 Vert.x | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
In Eclipse Vert.x 3.4.x up to 3.9.4, 4.0.0.milestone1, 4.0.0.milestone2, 4.0.0.milestone3, 4.0.0.milestone4, 4.0.0.milestone5, 4.0.0.Beta1, 4.0.0.Beta2, and 4.0.0.Beta3, StaticHandler doesn't correctly processes back slashes on Windows Operating systems, allowing, escape the webroot folder to the current working directory.
|
|||||
| CVE-2019-17572 | 1 Apache | 1 Rocketmq | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
In Apache RocketMQ 4.2.0 to 4.6.0, when the automatic topic creation in the broker is turned on by default, an evil topic like “../../../../topic2020” is sent from rocketmq-client to the broker, a topic folder will be created in the parent directory in brokers, which leads to a directory traversal vulnerability. Users of the affected versions should apply one of the following: Upgrade to Apache RocketMQ 4.6.1 or later.
|
|||||
| CVE-2019-17538 | 1 Jnoj | 1 Jiangnan Online Judge | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file reading via the web/polygon/problem/viewfile?id=1&name=../ substring.
|
|||||
| CVE-2019-17537 | 1 Jnoj | 1 Jiangnan Online Judge | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
|
Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file deletion via the web/polygon/problem/deletefile?id=1&name=../ substring.
|
|||||
| CVE-2019-17406 | 1 Nokia | 1 Impact | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
Nokia IMPACT < 18A has path traversal that may lead to RCE if chained with CVE-2019-1743
|
|||||
| CVE-2019-17404 | 1 Nokia | 1 Impact | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
Nokia IMPACT < 18A: allows full path disclosure
|
|||||
| CVE-2019-17399 | 1 Joomlashack | 1 Shack Forms Pro | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
The Shack Forms Pro extension before 4.0.32 for Joomla! allows path traversal via a file attachment.
|
|||||
| CVE-2019-17327 | 1 Tmaxsoft | 1 Jeus | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
JEUS 7 Fix#0~5 and JEUS 8Fix#0~1 versions contains a directory traversal vulnerability caused by improper input parameter check when uploading installation file in administration web page. That leads remote attacker to execute arbitrary code via uploaded file.
|
|||||
| CVE-2019-17324 | 1 Clipsoft | 1 Rexpert | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
ClipSoft REXPERT 1.0.0.527 and earlier version allows directory traversal by issuing a special HTTP POST request with ../ characters. This could lead to create malicious HTML file, because they can inject a content with crafted template. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.
|
|||||
| CVE-2019-17322 | 1 Clipsoft | 1 Rexpert | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file creation via a POST request with the parameter set to the file path to be written. This can be an executable file that is written to in the arbitrary directory. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.
|
|||||
| CVE-2019-17314 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Configurator module by an Admin user.
|
|||||
| CVE-2019-17313 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Studio module by a Developer user.
|
|||||
| CVE-2019-17312 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the file function by a Regular user.
|
|||||
| CVE-2019-17311 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the attachment function by a Regular user.
|
|||||
| CVE-2019-17224 | 1 Compal | 2 Ch7465lg, Ch7465lg Firmware | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
The web interface of the Compal Broadband CH7465LG modem (version CH7465LG-NCIP-6.12.18.25-2p6-NOSH) is vulnerable to a /%2f/ path traversal attack, which can be exploited in order to test for the existence of a file pathname outside of the web root directory. If a file exists but is not part of the product, there is a 404 error. If a file does not exist, there is a 302 redirect to index.html.
|
|||||
| CVE-2019-17199 | 2 Microsoft, Webpagetest | 2 Windows, Webpagetest | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
www/getfile.php in WPO WebPageTest 19.04 on Windows allows Directory Traversal (for reading arbitrary files) because of an unanchored regular expression, as demonstrated by the a.jpg\.. substring.
|
|||||
| CVE-2019-17187 | 1 Fiberhome | 2 Hg2201t, Hg2201t Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
/var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication Directory Traversal for reading arbitrary files.
|
|||||
| CVE-2019-17180 | 2 Microsoft, Valvesoftware | 2 Windows, Steam Client | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Valve Steam Client before 2019-09-12 allows placing or appending partially controlled filesystem content, as demonstrated by file modifications on Windows in the context of NT AUTHORITY\SYSTEM. This could lead to denial of service, elevation of privilege, or unspecified other impact.
|
|||||
| CVE-2019-17175 | 1 Joyplus-cms Project | 1 Joyplus-cms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
joyplus-cms 1.6.0 allows manager/admin_pic.php?rootpath= absolute path traversal.
|
|||||
| CVE-2019-17109 | 1 Koji Project | 1 Koji | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Koji through 1.18.0 allows remote Directory Traversal, with resultant Privilege Escalation.
|
|||||
| CVE-2019-17073 | 1 Emlog | 1 Emlog | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
|
emlog through 6.0.0beta allows remote authenticated users to delete arbitrary files via admin/template.php?action=del&tpl=../ directory traversal.
|
|||||
| CVE-2019-16990 | 1 Fusionpbx | 1 Fusionpbx | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
In FusionPBX up to v4.5.7, the file app/music_on_hold/music_on_hold.php uses an unsanitized "file" variable coming from the URL, which takes any pathname (base64 encoded) and allows a download of it.
|
|||||