Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
path traversal vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2008-1606
Multiple directory traversal vulnerabilities in Elastic Path (EP) 4.1 and 4.1.1 allow remote malicious users to (1) download arbitrary files via a .. (dot dot) in the file parameter to manager/getImportFileRedirect.jsp, (2) upload arbitrary files via a "..\" (dot dot ba...
Elastic Path Elastic Path 4.1.1
Elastic Path Elastic Path 4.1
2 EDB exploits
5
CVSSv2
CVE-2018-3732
resolve-path node module prior to 1.4.0 suffers from a Path Traversal vulnerability due to lack of validation of paths with certain special characters, which allows a malicious user to read content of any file with known path.
Resolve-path Project Resolve-path
6
CVSSv2
CVE-2019-14530
An issue exists in custom/ajax_download.php in OpenEMR prior to 5.0.2 via the fileName parameter. An attacker can download any file (that is readable by the user www-data) from server storage. If the requested file is writable for the www-data user and the directory /var/www/open...
Open-emr Openemr
3 Github repositories
NA
CVE-2023-34096
Thruk is a multibackend monitoring webinterface which currently supports Naemon, Icinga, Shinken and Nagios as backends. In versions 3.06 and prior, the file `panorama.pm` is vulnerable to a Path Traversal vulnerability which allows an malicious user to upload a file to any folde...
Thruk Thruk
1 Github repository
5
CVSSv2
CVE-2019-12276
A Path Traversal vulnerability in Controllers/LetsEncryptController.cs in LetsEncryptController in GrandNode 4.40 allows remote, unauthenticated malicious users to retrieve arbitrary files on the web server via specially crafted LetsEncrypt/Index?fileName= HTTP requests. A patch ...
Grandnode Grandnode 4.40
1 EDB exploit
1 Github repository
4.4
CVSSv2
CVE-2019-10038
Evernote 7.9 on macOS allows malicious users to execute arbitrary programs by embedding a reference to a local executable file such as the /Applications/Calculator.app/Contents/MacOS/Calculator file.
Evernote Evernote 7.9
1 EDB exploit
7.5
CVSSv2
CVE-2020-11455
LimeSurvey prior to 4.1.12+200324 contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php.
Limesurvey Limesurvey 4.1.12
Limesurvey Limesurvey
1 Metasploit module
NA
CVE-2022-35919
MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. In affected versions all 'admin' users authorized for `admin:ServerUpdate` can selectively trigger an error that in response, returns the content of the path requested. Any...
Minio Minio
3 Github repositories
4
CVSSv2
CVE-2018-18809
The default server implementation of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library Community Edition, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperRepo...
Tibco Jasperreports Server 6.4.0
Tibco Jasperreports Library 6.4.1
Tibco Jasperreports Server 6.4.2
Tibco Jasperreports Library 6.4.2
Tibco Jasperreports Server
Tibco Jasperreports Server 6.4.1
Tibco Jasperreports Server 6.4.3
Tibco Jasperreports Server 7.1.0
Tibco Jasperreports Server 6.3.4
Tibco Jasperreports Library
Tibco Jasperreports Library 6.3.4
Tibco Jasperreports Library 6.4.21
Tibco Jasperreports Library 7.1.0
Tibco Jasperreports Library 7.2.0
Tibco Jaspersoft Reporting And Analytics
Tibco Jaspersoft
5.5
CVSSv2
CVE-2021-26601
ImpressCMS prior to 1.4.3 allows libraries/image-editor/image-edit.php image_temp Directory Traversal.
Impresscms Impresscms
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »