Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
path traversal vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-20040
A vulnerability in the NETCONF service of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote malicious user to cause a denial of service (DoS) on an affected system that is running as the root user. To exploit this vulnerability, the attacker must be a...
Cisco Network Services Orchestrator
Cisco Network Services Orchestrator 5.8
NA
CVE-2013-6688
Directory traversal vulnerability in the license-upload interface in the Enterprise License Manager (ELM) component in Cisco Unified Communications Manager 9.1(1) and previous versions allows remote authenticated users to create arbitrary files via a crafted path, aka Bug ID CSCu...
Cisco Unified Communications Manager 8.6\\(1a\\)
Cisco Unified Communications Manager 8.6\\(1\\)
Cisco Unified Communications Manager 8.6
Cisco Unified Communications Manager 8.5\\(1\\)su5
Cisco Unified Communications Manager 8.0\\(2b\\)
Cisco Unified Communications Manager 8.0\\(2a\\)
Cisco Unified Communications Manager 8.0\\(2\\)
Cisco Unified Communications Manager 8.0\\(1\\)
Cisco Unified Communications Manager 7.1\\(5\\)
Cisco Unified Communications Manager 7.1\\(3b\\)su2
Cisco Unified Communications Manager 7.1\\(3b\\)su1
Cisco Unified Communications Manager 7.1\\(3b\\)
Cisco Unified Communications Manager 7.1\\(3a\\)su1a
Cisco Unified Communications Manager 7.0\\(1\\)su1
Cisco Unified Communications Manager 6.1\\(5\\)su3
Cisco Unified Communications Manager 6.1\\(5\\)su2
Cisco Unified Communications Manager 6.1\\(5\\)su1
Cisco Unified Communications Manager 6.1\\(1a\\)
Cisco Unified Communications Manager 6.1\\(1\\)
Cisco Unified Communications Manager 6.0\\(1b\\)
Cisco Unified Communications Manager 6.0\\(1a\\)
Cisco Unified Communications Manager 5.1\\(1\\)
7.5
CVSSv3
CVE-2020-3177
A vulnerability in the Tool for Auto-Registered Phones Support (TAPS) of Cisco Unified Communications Manager (UCM) and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote malicious user to conduct directory traversal attac...
Cisco Unified Communications Manager 10.5\\(2.10000.5\\)
Cisco Unified Communications Manager 11.5\\(1.10000.6\\)
Cisco Unified Communications Manager 12.0\\(1.10000.10\\)
Cisco Unified Communications Manager 12.5\\(1.10000.22\\)
Cisco Unified Contact Center Express 12.0\\(1\\)
9.8
CVSSv3
CVE-2022-28219
Cewolf in Zoho ManageEngine ADAudit Plus prior to 7060 is vulnerable to an unauthenticated XXE attack that leads to Remote Code Execution.
Zohocorp Manageengine Adaudit Plus 7.0
Zohocorp Manageengine Adaudit Plus
5 Github repositories
10
CVSSv3
CVE-2017-12815
Analysis of the Bomgar Remote Support Portal JavaStart.jar Applet 52790 and previous versions revealed that it is vulnerable to a path traversal vulnerability. The archive can be downloaded from a given Bomgar Remote Support Portal deployment at https://domain/api/content/JavaSta...
Bomgar Remote Support -
4.4
CVSSv3
CVE-2019-15266
A vulnerability in the CLI of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local malicious user to view system files that should be restricted. This vulnerability is due to improper sanitization of user-supplied input in command-line parameters that ...
Cisco Wireless Lan Controller Software
NA
CVE-2024-4701
A path traversal issue potentially leading to remote code execution in Genie for all versions before 4.3.18
1 Github repository
NA
CVE-2013-16053
Core Security Technologies Advisory - MayGion IP cameras suffer from path traversal and buffer overflow vulnerabilities.
NA
CVE-2013-4900
Directory traversal vulnerability in DeWeS web server 0.4.2 and possibly earlier, as used in Twilight CMS, allows remote malicious users to read arbitrary files via a ..%5c (dot dot encoded backslash) in a GET request.
Twilightcms Twilight Cms 5.17
2 EDB exploits
7.5
CVSSv3
CVE-2013-2474
Directory traversal vulnerability in AWS XMS 2.5 allows remote malicious users to view arbitrary files via the 'what' parameter.
Aws-dms Aws Xms 2.5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »