Total
8266 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-16986 | 1 Fusionpbx | 1 Fusionpbx | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
In FusionPBX up to v4.5.7, the file resources\download.php uses an unsanitized "f" variable coming from the URL, which takes any pathname and allows a download of it. (resources\secure_download.php is also affected.)
|
|||||
| CVE-2019-16985 | 1 Fusionpbx | 1 Fusionpbx | 2024-11-21 | 8.5 HIGH | 6.5 MEDIUM |
|
In FusionPBX up to v4.5.7, the file app\xml_cdr\xml_cdr_delete.php uses an unsanitized "rec" variable coming from the URL, which is base64 decoded and allows deletion of any file of the system.
|
|||||
| CVE-2019-16915 | 1 Netgate | 1 Pfsense | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization (e.g., a basename call) for a pathname to file_get_contents or file_put_contents.
|
|||||
| CVE-2019-16903 | 1 Plutinosoft | 1 Platinum | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
Platinum UPnP SDK 1.2.0 allows Directory Traversal in Core/PltHttpServer.cpp because it checks for /.. where it should be checking for ../ instead.
|
|||||
| CVE-2019-16902 | 1 Reputeinfosystems | 1 Arforms | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
|
In the ARforms plugin 3.7.1 for WordPress, arf_delete_file in arformcontroller.php allows unauthenticated deletion of an arbitrary file by supplying the full pathname.
|
|||||
| CVE-2019-16876 | 1 Portainer | 1 Portainer | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Portainer before 1.22.1 allows Directory Traversal.
|
|||||
| CVE-2019-16868 | 1 Emlog | 1 Emlog | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
emlog through 6.0.0beta has an arbitrary file deletion vulnerability via an admin/data.php?action=dell_all_bak request with directory traversal sequences in the bak[] parameter.
|
|||||
| CVE-2019-16867 | 1 Hongcms Project | 1 Hongcms | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
|
HongCMS 3.0.0 allows arbitrary file deletion via a ../ in the file parameter to admin/index.php/database/ajax?action=delete, a similar issue to CVE-2018-16774. (If the attacker deletes config.php and visits install/index.php, they can reinstall the product.)
|
|||||
| CVE-2019-16777 | 5 Fedoraproject, Npmjs, Opensuse and 2 more | 6 Fedora, Npm, Leap and 3 more | 2024-11-21 | 5.5 MEDIUM | 7.7 HIGH |
|
Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any subsequent installs of packages that also create a serve binary would overwrite the previous serve binary. This behavior is still allowed in local installations and also through install scripts. This vulnerability bypasses a ...
Show More |
|||||
| CVE-2019-16776 | 5 Fedoraproject, Npmjs, Opensuse and 2 more | 6 Fedora, Npm, Leap and 3 more | 2024-11-21 | 5.5 MEDIUM | 7.7 HIGH |
|
Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It fails to prevent access to folders outside of the intended node_modules folder through the bin field. A properly constructed entry in the package.json bin field would allow a package publisher to modify and/or gain access to arbitrary files on a user's system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts inst ...
Show More |
|||||
| CVE-2019-16765 | 1 Microsoft | 1 Codeql | 2024-11-21 | 6.8 MEDIUM | 7.4 HIGH |
|
If an attacker can get a user to open a specially prepared directory tree as a workspace in Visual Studio Code with the CodeQL extension active, arbitrary code of the attacker's choosing may be executed on the user's behalf. This is fixed in version 1.0.1 of the extension. Users should upgrade to this version using Visual Studio Code Marketplace's upgrade mechanism. After upgrading, the codeQL.cli.executablePath setting can only be set in the per-user settings, and not in the per-workspace setti ...
Show More |
|||||
| CVE-2019-16758 | 1 Lexmark | 2 Services Monitor, Services Monitor Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In Lexmark Services Monitor 2.27.4.0.39 (running on TCP port 2070), a remote attacker can use a directory traversal technique using /../../../ or ..%2F..%2F..%2F to obtain local files on the host operating system.
|
|||||
| CVE-2019-16680 | 4 Canonical, Debian, Gnome and 1 more | 4 Ubuntu Linux, Debian Linux, File-roller and 1 more | 2024-11-21 | 2.6 LOW | 4.3 MEDIUM |
|
An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction.
|
|||||
| CVE-2019-16679 | 1 Gilacms | 1 Gila Cms | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
|
Gila CMS before 1.11.1 allows admin/fm/?f=../ directory traversal, leading to Local File Inclusion.
|
|||||
| CVE-2019-16540 | 1 Jenkins | 1 Support Core | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
|
A path traversal vulnerability in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete arbitrary files on the Jenkins master.
|
|||||
| CVE-2019-16511 | 1 Firegiant | 1 Wix Toolset | 2024-11-21 | 5.8 MEDIUM | 5.5 MEDIUM |
|
An issue was discovered in DTF in FireGiant WiX Toolset before 3.11.2. Microsoft.Deployment.Compression.Cab.dll and Microsoft.Deployment.Compression.Zip.dll allow directory traversal during CAB or ZIP archive extraction, because the full name of an archive file (even with a ../ sequence) is concatenated with the destination path.
|
|||||
| CVE-2019-16384 | 1 Cybelesoft | 1 Thinfinity Virtualui | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Cybele Thinfinity VirtualUI 2.5.17.2 allows ../ path traversal that can be used for data exfiltration. This enables files outside of the web directory to be retrieved if the exact location is known and the user has permissions.
|
|||||
| CVE-2019-16279 | 1 Nazgul | 1 Nostromo Nhttpd | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A memory error in the function SSL_accept in nostromo nhttpd through 1.9.6 allows an attacker to trigger a denial of service via a crafted HTTP request.
|
|||||
| CVE-2019-16246 | 1 Intesync | 1 Solismed | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Intesync Solismed 3.3sp1 allows Local File Inclusion (LFI), a different vulnerability than CVE-2019-15931. This leads to unauthenticated code execution.
|
|||||
| CVE-2019-16198 | 1 Kslabs | 1 Ksweb | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
KSLabs KSWEB 3.93 allows ../ directory traversal, as demonstrated by the hostFile parameter.
|
|||||
| CVE-2019-16132 | 1 Phpok | 1 Oklite | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in OKLite v1.2.25. framework/admin/tpl_control.php allows remote attackers to delete arbitrary files via a title directory-traversal pathname followed by a crafted substring.
|
|||||
| CVE-2019-16123 | 1 Kartatopia | 1 Piluscart | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In Kartatopia PilusCart 1.4.1, the parameter filename in the file catalog.php is mishandled, leading to ../ Local File Disclosure.
|
|||||
| CVE-2019-16113 | 1 Bludit | 1 Bludit | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-images.php because PHP code can be entered with a .jpg file name, and then this PHP code can write other PHP code to a ../ pathname.
|
|||||
| CVE-2019-16105 | 1 Silver-peak | 2 Unity Edgeconnect Sd-wan, Unity Edgeconnect Sd-wan Firmware | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
|
Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows ..%2f directory traversal via a rest/json/configdb/download/ URI.
|
|||||
| CVE-2019-16064 | 1 Netsas | 1 Enigma Network Management Solution | 2024-11-21 | 5.5 MEDIUM | 9.6 CRITICAL |
|
NETSAS Enigma NMS 65.0.0 and prior suffers from a directory traversal vulnerability that can allow an authenticated user to access files and directories stored outside of the web root folder. By exploiting this vulnerability, it is possible for an attacker to list operating-system directory contents on the server, create directories and upload files in permissible locations, and modify filenames and delete files that are accessible by the user running the web server instance.
|
|||||
| CVE-2019-15982 | 1 Cisco | 1 Data Center Network Manager | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
|
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DCNM application. For more information about these vulnerabilities, see the Details section of this advisory. Note: The severity of these vulnerabilities is agg ...
Show More |
|||||
| CVE-2019-15981 | 1 Cisco | 1 Data Center Network Manager | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
|
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DCNM application. For more information about these vulnerabilities, see the Details section of this advisory. Note: The severity of these vulnerabilities is agg ...
Show More |
|||||
| CVE-2019-15980 | 1 Cisco | 1 Data Center Network Manager | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
|
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DCNM application. For more information about these vulnerabilities, see the Details section of this advisory. Note: The severity of these vulnerabilities is agg ...
Show More |
|||||
| CVE-2019-15952 | 1 Totaljs | 1 Total.js Cms | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
An issue was discovered in Total.js CMS 12.0.0. An authenticated user with the Pages privilege can conduct a path traversal attack (../) to include .html files that are outside the permitted directory. Also, if a page contains a template directive, then the directive will be server side processed. Thus, if a user can control the content of a .html file, then they can inject a payload with a malicious template directive to gain Remote Command Execution. The exploit will work only with the .html e ...
Show More |
|||||
| CVE-2019-15931 | 1 Intesync | 1 Solismed | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Intesync Solismed 3.3sp allows Directory Traversal, a different vulnerability than CVE-2019-16246.
|
|||||
| CVE-2019-15855 | 1 Maarch | 1 Maarch Rm | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
An issue was discovered in Maarch RM before 2.5. A path traversal vulnerability allows an unauthenticated remote attacker to overwrite any files with a crafted POST request if the default installation procedure was followed. This results in a permanent Denial of Service.
|
|||||
| CVE-2019-15822 | 1 Wpserveur | 1 Wps Child Theme Generator | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
The wps-child-theme-generator plugin before 1.2 for WordPress has classes/helpers.php directory traversal.
|
|||||
| CVE-2019-15714 | 1 Entropic Project | 1 Entropic | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
cli/lib/main.js in Entropic before 2019-06-13 does not reject / and \ in command names, which might allow a directory traversal attack in unusual situations.
|
|||||
| CVE-2019-15648 | 1 Elearningfreak | 1 Insert Or Embed Articulate Content | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
|
The insert-or-embed-articulate-content-into-wordpress plugin before 4.29991 for WordPress has insufficient restrictions on deleting or renaming by a Subscriber.
|
|||||
| CVE-2019-15630 | 1 Mulesoft | 2 Api Gateway, Mule Runtime | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released before August 1 2019, and all versions of MuleSoft API Gateway released before August 1 2019 allow remote attackers to read files accessible to the Mule process.
|
|||||
| CVE-2019-15600 | 1 Http Server Project | 1 Http Server | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A Path traversal exists in http_server which allows an attacker to read arbitrary system files.
|
|||||
| CVE-2019-15596 | 1 Statics-server Project | 1 Statics-server | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A path traversal in statics-server exists in all version that allows an attacker to perform a path traversal when a symlink is used within the working directory.
|
|||||
| CVE-2019-15520 | 1 Comelz | 1 Quark | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
comelz Quark before 2019-03-26 allows directory traversal to locations outside of the project directory.
|
|||||
| CVE-2019-15519 | 1 Power-response Project | 1 Power-response | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Power-Response before 2019-02-02 allows directory traversal (up to the application's main directory) via a plugin.
|
|||||
| CVE-2019-15518 | 1 Swoole | 1 Swoole | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
Swoole before 4.2.13 allows directory traversal in swPort_http_static_handler.
|
|||||