Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
directory server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-50164
An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. Users are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or gre...
Apache Struts
13 Github repositories
2 Articles
NA
CVE-2023-46307
An issue exists in server.js in etcd-browser 87ae63d75260. By supplying a /../../../ Directory Traversal input to the URL's GET request while connecting to the remote server port specified during setup, an attacker can retrieve local operating system files from the remote sy...
Buddho Etcd Browser -
NA
CVE-2023-49282
msgraph-sdk-php is the Microsoft Graph Library for PHP. The Microsoft Graph PHP SDK published packages which contained test code that enabled the use of the phpInfo() function from any application that could access and execute the file at vendor/microsoft/microsoft-graph/tests/Ge...
Microsoft Graph
NA
CVE-2023-49283
microsoft-graph-core the Microsoft Graph Library for PHP. The Microsoft Graph Beta PHP SDK published packages which contained test code that enabled the use of the phpInfo() function from any application that could access and execute the file at `vendor/microsoft/microsoft-graph-...
Microsoft Graph
NA
CVE-2023-29377
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists ...
NA
CVE-2023-47251
In mprivacy-tools prior to 2.0.406g in m-privacy TightGate-Pro Server, a Directory Traversal in the print function of the VNC service allows authenticated attackers (with access to a VNC session) to automatically transfer malicious PDF documents by moving them into the .spool dir...
M-privacy Mprivacy-tools
M-privacy Tightgatevnc
NA
CVE-2023-6160
The LifterLMS – WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 7.4.2 via the maybe_serve_export function. This makes it possible for authenticated attackers, with administrator or LMS manager ac...
Lifterlms Lifterlms
NA
CVE-2023-22273
Adobe RoboHelp Server versions 11.4 and previous versions are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to Remote Code Execution by an admin authenticated attacker. Exploitation of this is...
Adobe Robohelp Server
NA
CVE-2023-6020
LFI in Ray's /static/ directory allows malicious users to read any file on the server without authentication.
Ray Project Ray -
2 Articles
NA
CVE-2023-39246
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version before 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during installation. A local malicious user could potentially exploit this vulnerability to create ...
Dell Endpoint Security Suite Enterprise
Dell Encryption
Dell Security Management Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »