Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
path traversal vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2014-3317
Directory traversal vulnerability in the Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager 10.0(1) allows remote authenticated users to delete arbitrary files via a crafted URL, aka Bug ID CSCup76314.
Cisco Unified Communications Manager 10.0\\(1\\)
4
CVSSv2
CVE-2014-3318
Directory traversal vulnerability in dna/viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup76318.
Cisco Unified Communications Manager
Cisco Unified Communications Manager 10.0\\(1\\) Base
5.8
CVSSv2
CVE-2020-3597
A vulnerability in the configuration restore feature of Cisco Nexus Data Broker software could allow an unauthenticated, remote malicious user to perform a directory traversal attack on an affected device. The vulnerability is due to insufficient validation of configuration backu...
Cisco Nexus Data Broker
NA
CVE-2024-31860
Improper Input Validation vulnerability in Apache Zeppelin. By adding relative path indicators(E.g ..), attackers can see the contents for any files in the filesystem that the server account can access. This issue affects Apache Zeppelin: from 0.9.0 prior to 0.11.0. Users are rec...
5
CVSSv2
CVE-2022-23793
An issue exists in Joomla! 3.0.0 up to and including 3.10.6 & 4.0.0 up to and including 4.1.0. Extracting an specifilcy crafted tar package could write files outside of the intended path.
Joomla Joomla\\!
4
CVSSv2
CVE-2022-22931
Fix of CVE-2021-40525 do not prepend delimiters upon valid directory validations. Affected implementations include: - maildir mailbox store - Sieve file repository This enables a user to access other users data stores (limited to user names being prefixed by the value of the user...
Apache James 3.6.1
5
CVSSv2
CVE-2019-13584
The remote admin webserver on FANUC Robotics Virtual Robot Controller 8.23 allows Directory Traversal via a forged HTTP request.
Fanucamerica Robotics Virtual Robot Controller 8.23
9
CVSSv2
CVE-2020-3383
A vulnerability in the archive utility of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote malicious user to conduct directory traversal attacks on an affected device. The vulnerability is due to a lack of proper input validation of paths that are emb...
Cisco Data Center Network Manager
4
CVSSv2
CVE-2020-3401
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote malicious user to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient v...
Cisco Sd-wan Firmware
6.8
CVSSv2
CVE-2020-3490
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative privileges to conduct directory traversal attacks and obtain read access to sensitive files on an affected system. The ...
Cisco Vision Dynamic Signage Director 6.2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »