CWE:
 

Topic
Date
Author
Med.
WordPress 5.1.1 Liberator Themes Arbitrary File Download
18.03.2019
KingSkrupellos
Med.
WordPress 5.1.1 Green_Farming_New Themes Arbitrary File Download
18.03.2019
KingSkrupellos
Med.
WordPress 4.8.9 Rowe Themes Arbitrary File Download
18.03.2019
KingSkrupellos
High
D-Link DWR-116 Arbitrary File Download
07.04.2017
Smash_
High
Wordpress Plugin Membership Simplified v1.58 - Arbitrary File Download
16.03.2017
Munir Njiru
Med.
QNAP QTS 4.2.1 Build 20160601 Arbitrary File Overwrite
19.08.2016
Sebastian Nerz
High
MiCasaVerde VeraLite 1.5.408 Traversal & Authorization & CSRF & Disclosure
02.08.2013
Daniel Crowley


CVEMAP Search Results

CVE
Details
Description
2021-05-07
Waiting for details
CVE-2021-29488

Updating...
 

 
SABnzbd is an open source binary newsreader. A vulnerability was discovered in SABnzbd that could trick the `filesystem.renamer()` function into writing downloaded files outside the configured Download Folder via malicious PAR2 files. A patch was released as part of SABnzbd 3.2.1RC1. As a workaround, limit downloads to NZBs without PAR2 files, deny write permissions to the SABnzbd process outside areas it must access to perform its job, or update to a fixed version.

 
2021-04-30
Waiting for details
CVE-2020-4039

Updating...
 

 
SUSI.AI is an intelligent Open Source personal assistant. SUSI.AI Server before version d27ed0f has a directory traversal vulnerability due to insufficient input validation. Any admin config and file readable by the app can be retrieved by the attacker. Furthermore, some files can also be moved or deleted.

 
2020-12-14
Low
CVE-2019-19287

Vendor: Siemens
Software: XHQ
 

 
A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow attackers to traverse through the file system of the server based by sending specially crafted packets over the network without authentication.

 
2020-11-06
Medium
CVE-2020-25172

Vendor: Bbraun
Software: Onlinesuite ...
 

 
A relative path traversal attack in the B. Braun OnlineSuite Version AP 3.0 and earlier allows unauthenticated attackers to upload or download arbitrary files.

 

 


Copyright 2021, cxsecurity.com

 

Back to Top