CWE:
 

Tytuł
Data
Autor
Med.
Crystal Live HTTP Server 6.01 Directory Traversal
19.11.2019
numan turle
Med.
Lexmark Services Monitor 2.27.4.0.39 Directory Traversal
19.11.2019
Kevin Randall
Med.
gSOAP 2.8 Directory Traversal
14.11.2019
numan turle
High
Bludit Directory Traversal Image File Upload
13.11.2019
sinn3r
Med.
Jira Service Desk Server / Data Center Path Traversal
10.11.2019
Atlassian
High
Nostromo Directory Traversal Remote Command Execution (Metasploit)
04.11.2019
Quentin Kaiser
High
Nostromo 1.9.6 Directory Traversal / Remote Command Execution
01.11.2019
Quentin Kaiser
Med.
WordPress Arforms 3.7.1 Directory Traversal
27.10.2019
Ahmad Almorabea
High
Generic Zip Slip Traversal
12.09.2019
sinn3r
Med.
Tibco JasperSoft Path Traversal
10.09.2019
Elar Lang
Med.
Totaljs CMS 12.0 Path Traversal
05.09.2019
Riccardo Krauter
Med.
Nimble Streamer 3.0.2-2 < 3.5.4-9 Directory Traversal
23.08.2019
MAYASEVEN
High
Cisco Adaptive Security Appliance Path Traversal (Metasploit)
13.08.2019
Anonymous
High
Veritas Resiliency Platform (VRP) Traversal / Command Execution
01.08.2019
David Dillard
Med.
Sahi pro 8.x Directory Traversal
12.07.2019
Alexander Bluestein
Med.
GrandNode 4.40 Path Traversal / File Download
25.06.2019
Corey Robinson
Med.
ABB IDAL FTP Server Path Traversal
25.06.2019
Eldar Marcussen
Med.
Cisco Prime Infrastructure Health Monitor TarArchive Directory Traversal
20.06.2019
mr_me
Med.
Sahi Pro 7.x / 8.x Directory Traversal
19.06.2019
Goutham Madhwaraj
Med.
BlogEngine.NET 3.3.7 Directory Traversal / Remote Code Execution
19.06.2019
Aaron Bishop
High
Supra Smart Cloud TV Remote File Inclusion
06.06.2019
Mishra Dhiraj
Med.
Typora 0.9.9.24.6 Directory Traversal
29.05.2019
Mishra Dhiraj
Med.
Moodle Jmol Filter 6.1 Directory Traversal / Cross-Site Scripting
21.05.2019
Dionach Ltd
Med.
NetNumber Titan ENUM/DNS/NP 7.9.1 Bypass / Traversal
11.05.2019
MobileNetworkSecurity
Med.
Spring Cloud Config 2.1.x Path Traversal
01.05.2019
Mishra Dhiraj
Med.
Joomla Core 1.5.0 3.9.4 Directory Traversal / Authenticated Arbitrary File Deletion
23.04.2019
Haboob Team
High
Oracle Business Intelligence Directory Traversal
21.04.2019
Vahagn Vardanyan
Med.
Evernote 7.9 Path Traversal / Code Execution
19.04.2019
Mishra Dhiraj
Med.
Joomla 3.9.4 Arbitrary File Deletion / Directory Traversal
17.04.2019
Haboob Team
Med.
Titan FTP Server 2019 Build 3505 Directory Traversal
27.03.2019
Kevin Randall
Med.
CoreFTP Server FTP / SFTP Server 2 Build 674 MDTM Directory Traversal
13.03.2019
Kevin Randall
Med.
MarcomCentral FusionPro VDP Creator Directory Traversal
05.03.2019
0v3rride
Med.
Micro Focus Filr 3.4.0.217 Path Traversal / Privilege Escalation
22.02.2019
Leandro Cuozzo
High
SureMDM Local / Remote File Inclusion
02.02.2019
Digital Interruption
Med.
GL-AR300M-Lite 2.2.7 Command Injection / Directory Traversal
17.01.2019
Pasquale Turi
Med.
Aspose.ZIP For .NET Path Traversal
10.01.2019
Jaroslav Lobacevski
High
Roxy Fileman 1.4.5 File Upload / Directory Traversal
08.01.2019
Pongtorn Angsuchotmete...
Med.
Transcend Wi-Fi SD Card Cross Site Request Forgery / Traversal
18.12.2018
MustLive
Low
Responsive FileManager 9.13.4 XSS / File Manipulation / Traversal
15.12.2018
farisv
Med.
Zyxel VMG1312-B10D 5.13AAXA.8 Directory Traversal
26.11.2018
x-hayben21
High
D-Link Plain-Text Password Storage / Code Execution / Directory Traversal
19.10.2018
Blazej Adamczyk
Med.
Citrix StorageZones Controller Improper Access Restrictions / Traversal
27.09.2018
Wolfgang Ettlinger
Med.
Rubedo CMS 3.4.0 Directory Traversal
12.09.2018
Marouene Boubakri
Med.
Softneta MedDream PACS Server Premium 6.7.1.1 Directory Traversal
08.09.2018
Carlos Avila
Med.
Argus Surveillance DVR 4.0.0.0 Directory Traversal
29.08.2018
hyp3rlinx
Med.
PCViewer vt1000 Directory Traversal
23.08.2018
Berk Dusunur
Med.
Oracle GlassFish Server 4.1 Directory Traversal
14.08.2018
Mishra Dhiraj
Med.
LG-Ericsson iPECS NMS 30M Directory Traversal
09.08.2018
Safak Aslan
Med.
CMS ISWEB 3.5.3 Directory Traversal
06.08.2018
Thiago Sena
Med.
cgit < 1.2.1 cgit_clone_objects() Directory Traversal
03.08.2018
Google Security Resear...
Med.
GeoVision GV-SNVR0811 Directory Traversal
25.07.2018
Berk Dusunur
Low
D-link DAP-1360 Path Traversal / Cross-Site Scripting
25.07.2018
r3m0t3nu11
Med.
VelotiSmart WiFi B-380 Camera Directory Traversal
17.07.2018
Miguel Mendez Z
Med.
Dicoogle PACS 2.5.0 Directory Traversal
12.07.2018
Carlos Avila
Med.
Mirasys DVMS Workstation 5.12.6 Path Traversal
22.06.2018
Dick Snel
Med.
IPConfigure Orchid VMS 2.0.5 Directory Traversal Information Disclosure
20.06.2018
Sanjiv Kawa
Med.
Redatam Web Server Directory Traversal
18.06.2018
Berk Dusunur
High
WordPress Redirection 2.7.3 Remote File Inclusion
13.06.2018
Glyn Wintle
Med.
TAC Xenta 511/911 Directory Traversal
31.05.2018
Marek Cybul
High
Cisco SA520W Security Appliance Path Traversal
19.05.2018
Nassim Asrir
High
ProjectPier 0.8.8 SQL Injection / Authentication Bypass / RFI
15.05.2018
Imre Rad
Med.
IceWarp Mail Server < 11.1.1 Directory Traversal
04.05.2018
Piotr Karolak
Med.
Sitecore.NET 8.1 Directory Traversal
27.04.2018
Chris Moberly
Med.
Ncomputing vSpace Pro v10 and v11 Directory Traversal PoC
24.04.2018
Javier Bernardo
Med.
Seagate Media Server Path Traversal
20.04.2018
Yorick Koster
Med.
TwonkyMedia Server 7.0.11-8.5 Directory Traversal
29.03.2018
Sven Fassbender
Med.
Acrolinx Server Directory Traversal
27.03.2018
Berk Dusunur
Med.
Bomgar Remote Support Portal (RSP) Path Traversal
24.03.2018
Filip Palian
Med.
Advantech WebAccess < 8.3 Directory Traversal / Remote Code Execution
13.03.2018
Chris Lyne
Med.
Parallels Remote Application Server 15.5 Path Traversal
04.03.2018
Nicolas Markitanis
Med.
uWSGI < 2.0.17 Directory Traversal
03.03.2018
Marios Nicolaides
Med.
Sophos XG Firewall 16.05.4 MR-4 Path Traversal
16.02.2018
SecuriTeam
Med.
Oracle Hospitality Simphony (MICROS) 2.9 Directory Traversal
05.02.2018
Dmitry Chastuhin
Med.
Joomla! Picture Calendar For Joomla 3.1.4 Directory Traversal
31.01.2018
Ihsan Sencan
Med.
PACSOne Server 6.6.2 DICOM Web Viewer Directory Traversal
29.01.2018
Carlos Avila
Med.
Yawcam 0.6.0 Directory Traversal
09.01.2018
David Panter
Med.
WordPress WooCommerce 2.0 / 3.0 Directory Traversal
01.12.2017
Fu2x200
Med.
Android Gmail < 7.11.5.176568039 Directory Traversal in Attachment Download
28.11.2017
Google
Med.
Ulterius Server < 1.9.5.0 Directory Traversal
15.11.2017
Rick Osgood
Med.
3CX Phone System 15.5.3554.1 Directory Traversal
18.10.2017
Jens Regel
Med.
WordPress Smush Image 2.7.4.1 Directory Traversal
05.10.2017
Ricardo Sanchez
Med.
Cloudview NMS 2.00b Writable Directory Traversal Execution
17.09.2017
james fitts
Med.
Carlo Gavazzi Powersoft 2.1.1.1 Directory Traversal
15.09.2017
james fitts
Med.
Indusoft Web Studio - Directory Traversal Information Disclosure
14.09.2017
james fitts
Med.
Huawei HG255s Directory Traversal
08.09.2017
Ahmet Mersin
High
Automated Logic WebCTRL 6.1 Path Traversal Arbitrary File Write
23.08.2017
Gjoko 'LiquidWorm' Krs...
Low
Cisco DDR2200 / 2201v1 Insecure Direct Object Reference / Path Traversal
17.07.2017
Matheus Bernardes
Med.
Schneider Electric Pelco VideoXpert Core Admin Portal Directory Traversal
11.07.2017
Gjoko 'LiquidWorm' Krs...
Med.
Kaspersky Anti-Virus File Server 8.0.3.297 - Multiple Vulnerabilities
29.06.2017
CORE
Med.
WordPress Photo Gallery 1.3.34 / 1.3.42 Path Traversal
21.06.2017
Tom Adams
Med.
Home FTP Server 1.14.0 Build 176 Directory Traversal
31.05.2017
Sultan Albalawi
Med.
Trend Micro Threat Discovery Appliance 2.6.1062r1 logoff.cgi Directory Traversal
20.04.2017
Steven Seeley
Med.
XiongMai uc-http 1.0.0 Local File Inclusion / Directory Traversal
13.04.2017
keksec
Med.
MyBB <1.8.11 Directory Traversal
12.04.2017
Zhiyang Zeng
Med.
Miele Professional PG 8528 Directory Traversal
25.03.2017
Jens Regel
Med.
OpenSSH On Cygwin SFTP Client Directory Traversal
22.03.2017
jannh
Med.
HttpServer 1.0 Directory Traversal
20.03.2017
malwrforensics
High
dnaLIMS Code Execution / XSS / Traversal / Session Hijacking
11.03.2017
Nicholas von Pechmann
Med.
Joomla Akeeba Backup 5.2.5 Directory Traversal
08.03.2017
Persian Hack Team
High
Ettercap 0.8.2 Etterfilter Out-Of-Bounds Read
06.03.2017
AromalUllas


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2019-11-14
Low
CVE-2019-3662

Vendor: Mcafee
Software: Advanced thr...
 

 
Path Traversal: '/absolute/pathname/here' vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to gain unintended access to files on the system via carefully constructed HTTP requests.

 
Medium
CVE-2019-18978

Vendor: Rack-cors project
Software: Rack-cors
 

 
An issue was discovered in the rack-cors (aka Rack CORS Middleware) gem before 1.0.4 for Ruby. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format.

 
2019-11-13
Medium
CVE-2019-18951

Vendor: Sibsoft
Software: Xfilesharing
 

 
SibSoft Xfilesharing through 2.5.1 allows op=page&tmpl=../ directory traversal to read arbitrary files.

 
2019-11-12
Medium
CVE-2019-18924

Vendor: Systematic
Software: Iris webforms
 

 
Systematic IRIS WebForms 5.4 is vulnerable to directory traversal. By manipulating variables that reference files with ../ (and variations), it is possible to list all the directories and check if a particular file exists.

 
2019-11-08
Medium
CVE-2019-17327

Vendor: Tmaxsoft
Software: JEUS
 

 
JEUS 7 Fix#0~5 and JEUS 8Fix#0~1 versions contains a directory traversal vulnerability caused by improper input parameter check when uploading installation file in administration web page. That leads remote attacker to execute arbitrary code via uploaded file.

 
2019-11-07
Low
CVE-2019-15004

Vendor: Atlassian
Software: Jira service...
 

 
The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before 3.9.17, from 3.10.0 before 3.16.10, from 4.0.0 before 4.2.6, from 4.3.0 before 4.3.5, from 4.4.0 before 4.4.3, and from 4.5.0 before 4.5.1 allows remote attackers with portal access to view arbitrary issues in Jira Service Desk projects via a path traversal vulnerability. Note that when the 'Anyone can email the service desk or raise a request in the portal' setting is enabled, an attacker can grant themselves portal access, allowing them to exploit the vulnerability.

 
2019-11-06
Low
CVE-2019-10218

Vendor: Samba
Software: Samba
 

 
A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working directory using the privileges of the client user.

 
2019-10-30
Low
CVE-2019-17324

Updating...
 

 
ClipSoft REXPERT 1.0.0.527 and earlier version allows directory traversal by issuing a special HTTP POST request with ../ characters. This could lead to create malicious HTML file, because they can inject a content with crafted template. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.

 
2019-10-29
Medium
CVE-2009-3887

Updating...
 

 
ytnef has directory traversal

 
2019-10-28
Medium
CVE-2005-2349

Updating...
 

 
Zoo 2.10 has Directory traversal

 

 


Copyright 2019, cxsecurity.com

 

Back to Top