Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
absolute vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-1423
tmp_view.php in FUDforum prior to 2.2.0 allows remote malicious users to read arbitrary files via an absolute pathname in the file parameter.
Ilia Alshanetsky Fudforum 1.9.8
Ilia Alshanetsky Fudforum 2.0.2
Ilia Alshanetsky Fudforum 1.2.8
1 EDB exploit
9.3
CVSSv3
CVE-2022-31502
The operatorequals/wormnest repository up to and including 0.4.7 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Wormnest Project Wormnest
9.3
CVSSv3
CVE-2022-31503
The orchest/orchest repository prior to 2022.05.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Orchest Orchest
9.3
CVSSv3
CVE-2022-31506
The cmusatyalab/opendiamond repository up to and including 10.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Cmu Opendiamond
9.3
CVSSv3
CVE-2022-31519
The Lukasavicus/WindMill repository up to and including 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Windmill Project Windmill 1.0
9.3
CVSSv3
CVE-2022-31523
The PaddlePaddle/Anakin repository up to and including 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Paddlepaddle Anakin
9.3
CVSSv3
CVE-2022-31525
The SummaLabs/DLS repository up to and including 0.1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Deep Learning Studio Project Deep Learning Studio 0.1.0
9.3
CVSSv3
CVE-2022-31531
The dainst/cilantro repository up to and including 0.0.4 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Dainst Cilantro
9.3
CVSSv3
CVE-2022-31539
The kotekan/kotekan repository up to and including 2021.11 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Kotekan Project Kotekan
9.3
CVSSv3
CVE-2022-31543
The maxtortime/SetupBox repository up to and including 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Setupbox Project Setupbox
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »