Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
CWE
:
Topic
Date
Author
Med.
Artica Proxy 4.40 / 4.50 Local File Inclusion / Traversal
06.03.2024
Jaggar Henry
Low
WordPress User Meta Lite / Pro 2.4.3 Path Traversal
31.05.2022
Julien Ahrens
Med.
SAP Solution Manager 7.2 File Disclosure / Denial Of Service
15.06.2021
Pablo Artuso
Med.
WordPress 5.1.1 Liberator Themes Arbitrary File Download
18.03.2019
KingSkrupellos
Med.
WordPress 5.1.1 Green_Farming_New Themes Arbitrary File Download
18.03.2019
KingSkrupellos
Med.
WordPress 4.8.9 Rowe Themes Arbitrary File Download
18.03.2019
KingSkrupellos
High
D-Link DWR-116 Arbitrary File Download
07.04.2017
Smash_
High
Wordpress Plugin Membership Simplified v1.58 - Arbitrary File Download
16.03.2017
Munir Njiru
Med.
QNAP QTS 4.2.1 Build 20160601 Arbitrary File Overwrite
19.08.2016
Sebastian Nerz
High
MiCasaVerde VeraLite 1.5.408 Traversal & Authorization & CSRF & Disclosure
02.08.2013
Daniel Crowley
CVEMAP Search Results
CVE
Details
Description
2024-03-18
CVE-2024-27770
Updating...
Unitronics Unistream Unilogic �?? Versions prior to 1.35.227 - CWE-23: Relative Path Traversal
2024-02-28
CVE-2024-0550
Updating...
A user who is privileged already `manager` or `admin` can set their profile picture via the frontend API using a relative filepath to then user the PFP GET API to download any valid files. The attacker would have to have been granted privileged permissions to the system before executing this attack.
2024-02-20
CVE-2023-42791
Updating...
A relative path traversal in Fortinet FortiManager version 7.4.0 and 7.2.0 through 7.2.3 and 7.0.0 through 7.0.8 and 6.4.0 through 6.4.12 and 6.2.0 through 6.2.11 allows attacker to execute unauthorized code or commands via crafted HTTP requests.
2024-02-14
CVE-2024-1485
Updating...
A vulnerability was found in the decompression function of registry-support. This issue can be triggered by an unauthenticated remote attacker when tricking a user into opening a specially modified .tar archive, leading to the cleanup process following relative paths to overwrite or delete files outside the intended scope.
2024-02-02
CVE-2021-22281
Updating...
: Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automation Studio: from 4.0 through 4.12.
2023-12-13
CVE-2023-6722
Updating...
A path traversal vulnerability has been detected in Repox, which allows an attacker to read arbitrary files on the running server, resulting in a disclosure of sensitive information. An attacker could access files such as application code or data, backend credentials, operating system files...
2023-10-05
CVE-2023-44386
Updating...
Vapor is an HTTP web framework for Swift. There is a denial of service vulnerability impacting all users of affected versions of Vapor. The HTTP1 error handler closed connections when HTTP parse errors occur instead of passing them on. The issue is fixed as of Vapor release 4.84.2.
2023-09-12
CVE-2023-4914
Updating...
Relative Path Traversal in GitHub repository cecilapp/cecil prior to 7.47.1.
2023-09-11
CVE-2023-4897
Updating...
Relative Path Traversal in GitHub repository mintplex-labs/anything-llm prior to 0.0.1.
2023-07-19
CVE-2023-34394
Updating...
In Keysight Geolocation Server v2.4.2 and prior, an attacker could upload a specially crafted malicious file or delete any file or directory with SYSTEM privileges due to an improper path validation, which could result in local privilege escalation or a denial-of-service condition.
Copyright
2024
, cxsecurity.com
Back to Top