Vulmon
file::path vulnerabilities and exploits
NA
CVE-2024-28072
A highly privileged account can overwrite arbitrary files on the system with log output. The log file path tags were not sanitized properly.
356
VMScore
CVE-2021-36233
The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows (by design) an authenticated malicious user to read arbitrary files from the filesystem by specifying the file path.
Unit4 Mik.starlight 7.9.5.24363
NA
CVE-2021-20030
SonicWall GMS is vulnerable to file path manipulation, which allows an unauthenticated attacker to gain access to the web directory containing the application's binaries and configuration files.
Sonicwall Global Management System
440
VMScore
CVE-2007-4734
Buffer overflow in Ots Labs OTSTurntables 1.00 allows user-assisted remote malicious users to execute arbitrary code via a long file path in an m3u file.
Ots Labs Otsturntables 1.00
2 EDB exploits
445
VMScore
CVE-2020-25842
The encryption function of NHIServiSignAdapter fails to verify the file path input by users. A remote attacker can access arbitrary files through the flaw without privilege.
Panorama Nhiservisignadapter 1.0.20.0218
NA
CVE-2023-6750
The Clone WordPress plugin prior to 2.4.3 uses buffer files to store in-progress backup information, which is stored at a publicly accessible, statically defined file path.
Backupbliss Clone
516
VMScore
CVE-2021-21686
File path filters in the agent-to-controller security subsystem of Jenkins 2.318 and previous versions, LTS 2.303.2 and previous versions do not canonicalize paths, allowing operations to follow symbolic links to outside allowed directories.
Jenkins Jenkins
NA
CVE-2023-35145
Jenkins Sonargraph Integration Plugin 5.0.1 and previous versions does not escape the file path and the project name for the Log file field form validation, resulting in a stored cross-site scripting vulnerability exploitable by attackers with Item/Configure permission.
Jenkins Sonargraph Integration
NA
CVE-2023-5514
The response messages received from the eSOMS report generation using certain parameter queries with full file path can be abused for enumerating the local file system structure.
Hitachienergy Esoms
935
VMScore
CVE-2007-4735
Buffer overflow in Next Generation Software Virtual DJ (VDJ) 5.0 allows user-assisted remote malicious users to execute arbitrary code via a long file path in an m3u file.
Next Generation Software Virtual Dj (vdj) 5.0
1 EDB exploit