Total
181 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-8865 | 2 Debian, Horde | 2 Debian Linux, Groupware | 2022-10-07 | 6.5 MEDIUM | 6.3 MEDIUM |
| This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within edit.php. When parsing the params[template] parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the www-data user. Was ZDI-CAN-10469. | |||||
| CVE-2022-2922 | 1 Dnnsoftware | 1 Dotnetnuke | 2022-10-04 | N/A | 4.9 MEDIUM |
| Relative Path Traversal in GitHub repository dnnsoftware/dnn.platform prior to 9.11.0. | |||||
| CVE-2022-28814 | 1 Gavazziautomation | 3 Cpy Car Park Server, Uwp 3.0 Monitoring Gateway And Controller, Uwp 3.0 Monitoring Gateway And Controller Firmware | 2022-09-30 | N/A | 9.8 CRITICAL |
| Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 was discovered to be vulnerable to a relative path traversal vulnerability which enables remote attackers to read arbitrary files and gain full control of the device. | |||||
| CVE-2020-5410 | 1 Vmware | 1 Spring Cloud Config | 2022-09-20 | 5.0 MEDIUM | 7.5 HIGH |
| Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack. | |||||
| CVE-2022-36081 | 1 Wikmd Project | 1 Wikmd | 2022-09-12 | N/A | 7.5 HIGH |
| Wikmd is a file based wiki that uses markdown. Prior to version 1.7.1, Wikmd is vulnerable to path traversal when accessing `/list/<path:folderpath>` and discloses lists of files located on the server including sensitive data. Version 1.7.1 fixes this issue. | |||||
| CVE-2022-34378 | 1 Dell | 1 Emc Powerscale Onefs | 2022-09-08 | N/A | 5.5 MEDIUM |
| Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3, contain a relative path traversal vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service. | |||||
| CVE-2022-34836 | 1 Abb | 1 Zenon | 2022-08-31 | N/A | 8.2 HIGH |
| Relative Path Traversal vulnerability in ABB Zenon 8.20 allows the user to access files on the Zenon system and user also can add own log messages and e.g., flood the log entries. An attacker who successfully exploit the vulnerability could access the Zenon runtime activities such as the start and stop of various activity and the last error code etc. | |||||
| CVE-2021-41242 | 1 Frentix | 1 Openolat | 2022-08-09 | 7.9 HIGH | 8.1 HIGH |
| OpenOlat is a web-basedlearning management system. A path traversal vulnerability exists in OpenOlat prior to versions 15.5.12 and 16.0.5. By providing a filename that contains a relative path as a parameter in some REST methods, it is possible to create directory structures and write files anywhere on the target system. The attack could be used to write files anywhere in the web root folder or outside, depending on the configuration of the system and the properly configured permission of the application server user. The attack requires an OpenOlat user account, an enabled REST API and the rights on a business object to call the vulnerable REST calls. The problem is fixed in version 15.5.12 and 16.0.5. There is a workaround available. The vulnerability requires the REST module to be enabled. Disabling the REST module or limiting the REST module via some firewall or web-server access rules to be accessed only be trusted systems will mitigate the risk. | |||||
| CVE-2020-4039 | 1 Fossasia | 1 Susi.ai | 2022-08-05 | 6.4 MEDIUM | 9.1 CRITICAL |
| SUSI.AI is an intelligent Open Source personal assistant. SUSI.AI Server before version d27ed0f has a directory traversal vulnerability due to insufficient input validation. Any admin config and file readable by the app can be retrieved by the attacker. Furthermore, some files can also be moved or deleted. | |||||
| CVE-2022-1648 | 1 Pandorafms | 1 Pandora Fms | 2022-08-02 | N/A | 7.2 HIGH |
| Pandora FMS v7.0NG.760 and below allows a relative path traversal in File Manager where a privileged user could upload a .php file outside the intended images directory which is restricted to execute the .php file. The impact could lead to a Remote Code Execution with running application privilege. | |||||
| CVE-2022-2139 | 1 Advantech | 1 Iview | 2022-07-29 | N/A | 9.8 CRITICAL |
| The affected product is vulnerable to directory traversal, which may allow an attacker to access unauthorized files and execute arbitrary code. | |||||
| CVE-2021-43555 | 1 Myscada | 1 Mydesigner | 2022-07-25 | 6.8 MEDIUM | 7.8 HIGH |
| mySCADA myDESIGNER Versions 8.20.0 and prior fails to properly validate contents of an imported project file, which may make the product vulnerable to a path traversal payload. This vulnerability may allow an attacker to plant files on the file system in arbitrary locations or overwrite existing files, resulting in remote code execution. | |||||
| CVE-2022-29097 | 1 Dell | 1 Wyse Management Suite | 2022-07-06 | 4.0 MEDIUM | 4.9 MEDIUM |
| Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application. | |||||
| CVE-2022-2120 | 1 Offis | 1 Dcmtk | 2022-07-05 | 7.5 HIGH | 9.8 CRITICAL |
| OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution. | |||||
| CVE-2021-32825 | 1 Bblfshd Project | 1 Bblfshd | 2022-07-02 | 5.5 MEDIUM | 9.1 CRITICAL |
| bblfshd is an open source self-hosted server for source code parsing. In bblfshd before commit 4265465b9b6fb5663c30ee43806126012066aad4 there is a "zipslip" vulnerability. The unsafe handling of symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary locations outside the designated target folder. This issue may lead to arbitrary file write (with same permissions as the program running the unpack operation) if the attacker can control the archive file. Additionally, if the attacker has read access to the unpacked files, he may be able to read arbitrary system files the parent process has permissions to read. For more details including a PoC see the referenced GHSL-2020-258. | |||||
| CVE-2021-32954 | 1 Advantech | 1 Webaccess\/scada | 2022-07-02 | 6.8 MEDIUM | 6.5 MEDIUM |
| Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which may allow an attacker to remotely read arbitrary files on the file system. | |||||
| CVE-2020-27304 | 2 Civetweb Project, Siemens | 2 Civetweb, Sinec Infrastructure Network Services | 2022-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| The CivetWeb web library does not validate uploaded filepaths when running on an OS other than Windows, when using the built-in HTTP form-based file upload mechanism, via the mg_handle_form_request API. Web applications that use the file upload form handler, and use parts of the user-controlled filename in the output path, are susceptible to directory traversal | |||||
| CVE-2021-34605 | 1 Xinje | 1 Xd\/e Series Plc Program Tool | 2022-05-19 | 6.0 MEDIUM | 7.3 HIGH |
| A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide an attacker with arbitrary file write privilege when opening a specially-crafted project file. This vulnerability can be triggered by manually opening an infected project file, or by initiating an upload program request from an infected Xinje PLC. This can result in remote code execution, information disclosure and denial of service of the system running the XINJE XD/E Series PLC Program Tool. | |||||
| CVE-2021-37196 | 1 Siemens | 1 Comos | 2022-04-30 | 3.5 LOW | 6.5 MEDIUM |
| A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.3 (All versions >= V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). The COMOS Web component of COMOS unpacks specially crafted archive files to relative paths. This vulnerability could allow an attacker to store files in any folder accessible by the COMOS Web webservice. | |||||
| CVE-2021-32949 | 1 Auvesy-mdt | 2 Autosave, Autosave For System Platform | 2022-04-11 | 5.0 MEDIUM | 7.5 HIGH |
| An attacker could utilize a function in MDT AutoSave versions prior to v6.02.06 that permits changing a designated path to another path and traversing the directory, allowing the replacement of an existing file with a malicious file. | |||||