file::path vulnerabilities and exploits
6.4
CVSSv2
CVE-2021-22028
In versions of Greenplum Database before 5.28.6 and 6.14.0, Greenplum Database contains a file path traversal vulnerability leading to information disclosure from the file system. A malicious user can read/write information from the file system using this vulnerability.
Greenplum Greenplum
10
CVSSv2
CVE-2007-0448
The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent malicious users to bypass safe_mode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via the srpath URI.
Php Php 5.2.0
1 EDB exploit
NA
CVE-2022-36890
Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier does not restrict the name of files in methods implementing form validation, allowing attackers with Item/Read permission to check for the existence of an attacker-specified file path on the Jenkins controll...
Jenkins Deployer Framework
NA
CVE-2022-36904
Jenkins Repository Connector Plugin 2.2.0 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller fi...
Jenkins Repository Connector
NA
CVE-2022-36914
Jenkins Files Found Trigger Plugin 1.5 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file ...
Jenkins Files Found Trigger
6.8
CVSSv2
CVE-2007-0468
Stack-based buffer overflow in rcdll.dll in msdev.exe in Visual C++ (MSVC) in Microsoft Visual Studio 6.0 SP6 allows user-assisted remote malicious users to execute arbitrary code via a long file path in the "1 TYPELIB MOVEABLE PURE" option in an RC file.
Microsoft Visual Studio 6.0
NA
CVE-2023-32985
Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file syste...
Jenkins Sidebar Link
NA
CVE-2023-24449
Jenkins PWauth Security Realm Plugin 0.4 and earlier does not restrict the names of files in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller fil...
Jenkins Pwauth Security Realm
4.6
CVSSv2
CVE-2020-9072
Huawei OSD product with versions earlier than OSD_uwp_9.0.32.0 has a local privilege escalation vulnerability. An authenticated, local attacker can construct a specific file path to exploit this vulnerability. Successful exploitation may cause the malicious user to obtain a hig...
Huawei Osd Firmware
5
CVSSv2
CVE-2019-18997
The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work file. Path configuration in PB610 HMISimulator versions 2.8.0.424 and earlier potentially allows access to files outside of the working directory, thus...
Abb Pb610 Panel Builder 600