Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
absolute vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-3281
In Django 2.2 prior to 2.2.18, 3.0 prior to 3.0.12, and 3.1 prior to 3.1.6, the django.utils.archive.extract method (used by "startapp --template" and "startproject --template") allows directory traversal via an archive with absolute paths or relative paths wi...
Djangoproject Django
Fedoraproject Fedora 33
Netapp Snapcenter -
1 Github repository
445
VMScore
CVE-2000-0874
Eudora mail client includes the absolute path of the sender's host within a virtual card (VCF).
Qualcomm Eudora 4.2
Qualcomm Eudora 4.3
NA
CVE-2023-35852
In Suricata prior to 6.0.13 (when there is an adversary who controls an external source of rules), a dataset filename, that comes from a rule, may trigger absolute or relative directory traversal, and lead to write access to a local filesystem. This is addressed in 6.0.13 by requ...
Oisf Suricata
356
VMScore
CVE-2013-7140
XML External Entity (XXE) vulnerability in the CalDAV interface in Open-Xchange (OX) AppSuite 7.4.1 and previous versions allows remote authenticated users to read portions of arbitrary files via vectors related to the SAX builder and the WebDAV interface. NOTE: this issue has be...
Open-xchange Open-xchange Appsuite 7.2.0
Open-xchange Open-xchange Appsuite 7.0.2
Open-xchange Open-xchange Appsuite 7.2.2
Open-xchange Open-xchange Appsuite 7.2.1
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.4.0
Open-xchange Open-xchange Appsuite 6.22.0
Open-xchange Open-xchange Appsuite 6.20.7
Open-xchange Open-xchange Appsuite 7.0.1
Open-xchange Open-xchange Appsuite 6.22.1
NA
CVE-2023-6118
Path Traversal: '/../filedir' vulnerability in Neutron IP Camera allows Absolute Path Traversal.This issue affects IP Camera: before b1130.1.0.1.
Neutron Neu-ipb210-28 Firmware
Neutron Ntl-pt-06wod-3mp Firmware
Neutron Neu-ipb410-28 Firmware
Neutron Ntl-bc-01w Firmware
Neutron Neu-ipbm211 Firmware
Neutron Ntl-pt-09-wos-3mp Firmware
Neutron Neu-ipbm411 Firmware
Neutron Ntl-pt-10-4gwos-3mp Firmware
Neutron Ipc2224-sr3-npf-36 Firmware
Neutron Ipc2624-sr3-npf-36 Firmware
Neutron Ntl-bc-03-snm Firmware
Neutron Ntl-bc-03-snp Firmware
Neutron Neu-ipd220-28 Firmware
Neutron Ntl-bc01-m Firmware
Neutron Neu-ipdm221 Firmware
Neutron Neu-ipdm421 Firmware
Neutron Ntl-ip05-3mp Firmware
356
VMScore
CVE-2019-11515
core/classes/db_backup.php in Gila CMS 1.10.1 allows admin/db_backup?download= absolute path traversal to read arbitrary files.
Gilacms Gila Cms 1.10.1
1000
VMScore
CVE-2002-1034
none.php for SunPS iRunbook 2.5.2 allows remote malicious users to read arbitrary files via an absolute pathname in the argument.
Sun I-runbook 2.5.2
1 EDB exploit
445
VMScore
CVE-1999-0882
Falcon web server allows remote malicious users to determine the absolute path of the web root via long file names.
Falcon Falcon Web Server 1.0.0.1006
405
VMScore
CVE-2014-3225
Absolute path traversal vulnerability in the web interface in Cobbler 2.4.x up to and including 2.6.x allows remote authenticated users to read arbitrary files via the Kickstart field in a profile.
Cobblerd Cobbler 2.6.0
Cobblerd Cobbler 2.4.4
Cobblerd Cobbler 2.4.1
Cobblerd Cobbler 2.4.0
Cobblerd Cobbler 2.4.3
Cobblerd Cobbler 2.4.2
1 EDB exploit
570
VMScore
CVE-2022-31523
The PaddlePaddle/Anakin repository up to and including 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Paddlepaddle Anakin
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »