Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
relative vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-23784
A relative path traversal in Fortinet FortiWeb version 7.0.0 up to and including 7.0.2, FortiWeb version 6.3.6 up to and including 6.3.20, FortiWeb 6.4 all versions allows malicious user to information disclosure via specially crafted web requests.
Fortinet Fortiweb
7.5
CVSSv2
CVE-2021-34074
PandoraFMS <=7.54 allows arbitrary file upload, it leading to remote command execution via the File Manager. To bypass the built-in protection, a relative path is used in the requests.
Pandorafms Pandora Fms
7.5
CVSSv2
CVE-2021-28023
Arbitrary file upload in Service import feature in ServiceTonic Helpdesk software version < 9.0.35937 allows a malicious user to execute JSP code by uploading a zip that extracts files in relative paths.
Servicetonic Servicetonic
NA
CVE-2024-32830
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ThemeKraft BuddyForms allows Server Side Request Forgery, Relative Path Traversal.This issue affects BuddyForms: from n/a up to and including 2.8.8.
NA
CVE-2022-45368
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Lenderd 1003 Mortgage Application allows Relative Path Traversal.This issue affects 1003 Mortgage Application: from n/a up to and including 1.75.
NA
CVE-2023-25264
An issue exists in Docmosis Tornado prior to version 2.9.5. An unauthenticated attacker can bypass the authentication check filter completely by introducing a specially crafted request with relative path segments.
Docmosis Tornado
NA
CVE-2023-27993
A relative path traversal [CWE-23] in Fortinet FortiADC version 7.2.0 and prior to 7.1.1 allows a privileged malicious user to delete arbitrary directories from the underlying file system via crafted CLI commands.
Fortinet Fortiadc
Fortinet Fortiadc 7.2.0
5
CVSSv2
CVE-2019-13408
A relative path traversal vulnerability found in Advan VD-1 firmware versions up to 230. It allows malicious users to download arbitrary files via url cgibin/ExportSettings.cgi?Download=filepath, without any authentication.
Androvideo Vd 1 Firmware
Geovision Gv-vr360 Firmware
Geovision Gv-vd8700 Firmware
NA
CVE-2023-46197
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in supsystic.Com Popup by Supsystic allows Relative Path Traversal.This issue affects Popup by Supsystic: from n/a up to and including 1.10.19.
1 Github repository
NA
CVE-2024-27282
An issue exists in Ruby 3.x up to and including 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings. The fixed versions are 3.0.7, 3.1.5,...
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »