Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
path traversal vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1606
Multiple directory traversal vulnerabilities in Elastic Path (EP) 4.1 and 4.1.1 allow remote attackers to (1) download arbitrary files via a .. (dot dot) in the file parameter to manager/getImportFileRedirect.jsp, (2) upload arbitrary files via a "..\" (dot dot...
Elastic Path Elastic Path 4.1.1
Elastic Path Elastic Path 4.1
2 EDB exploits available
7.5
CVSSv3
CVE-2018-3732
resolve-path node module before 1.4.0 suffers from a Path Traversal vulnerability due to lack of validation of paths with certain special characters, which allows a malicious user to read content of any file with known path....
Resolve-path Project Resolve-path
5.5
CVSSv3
CVE-2018-1002200
plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'....
Codehaus-plexus Plexus-archiver
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux 7.5
3 Github repositories available
6.8
CVSSv3
CVE-2020-5512
Gila CMS 1.11.8 allows /admin/media?path=../ Path Traversal....
Gilacms Gila Cms 1.11.8
5.7
CVSSv3
CVE-2019-3415
ZTE MW NR8000V2.4.4.03 and NR8000V2.4.4.04 are impacted by path traversal vulnerability. Due to path traversal,users can download any files....
Zte Zxmw Nr8000 Firmware 2.4.4.04
Zte Zxmw Nr8000 Firmware 2.4.4.03
7.5
CVE-2023-31179
AgilePoint NX v8.0 SU2.2 & SU2.3 - Path traversal - Vulnerability allows path traversal and downloading files from the server, by an unspecified request. ...
Agilepoint Agilepoint Nx 8.0
7.5
CVSSv3
CVE-2020-14366
A vulnerability was found in keycloak, where path traversal using URL-encoded path segments in the request is possible because the resources endpoint applies a transformation of the url path to the file path. Only few specific folder hierarchies can be exposed by this flaw...
Redhat Keycloak
7.5
CVSSv3
CVE-2019-1020001
yard before 0.9.20 allows path traversal....
Yardoc Yard
7.5
CVSSv3
CVE-2021-41024
A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized attacker to inject path traversal character sequences to disclose sensitive information of the server via the GET request...
Fortinet Fortiproxy 7.0.0
Fortinet Fortios 7.0.0
Fortinet Fortios 7.0.1
9.8
CVE-2022-41772
Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior mishandle .ZIP archives containing characters used in path traversal. This path traversal could result in remote code execution. ...
Deltaww Infrasuite Device Master
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49380
CVE-2023-49447
CVE-2023-22522
CVE-2023-45285
CVE-2023-22523
open redirect
CVE-2023-49105
remote attackers
inject
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »
Vulmon