Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
path traversal vulnerabilities and exploits
(subscribe to this query)
610
VMScore
CVE-2008-1606
Multiple directory traversal vulnerabilities in Elastic Path (EP) 4.1 and 4.1.1 allow remote attackers to (1) download arbitrary files via a .. (dot dot) in the file parameter to manager/getImportFileRedirect.jsp, (2) upload arbitrary files via a "..\" (dot dot...
Elastic Path Elastic Path 4.1
Elastic Path Elastic Path 4.1.1
2 EDB exploits available
445
VMScore
CVE-2018-3732
resolve-path node module before 1.4.0 suffers from a Path Traversal vulnerability due to lack of validation of paths with certain special characters, which allows a malicious user to read content of any file with known path....
Resolve-path Project Resolve-path
NA
CVE-2020-3387
A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to execute code with root privileges on an affected system. The vulnerability is due to insufficient input sanitization during user authentication processing. An attacker could exploit...
Cisco Sd-wan Firmware
383
VMScore
CVE-2018-1002200
plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'....
Plexus-archiver Project Plexus-archiver
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux 7.5
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
1 Github repository available
NA
CVE-2020-5512
Gila CMS 1.11.8 allows /admin/media?path=../ Path Traversal....
Gilacms Gila Cms 1.11.8
NA
CVE-2019-3415
ZTE MW NR8000V2.4.4.03 and NR8000V2.4.4.04 are impacted by path traversal vulnerability. Due to path traversal,users can download any files....
Zte Zxmw Nr8000 Firmware 2.4.4.03
Zte Zxmw Nr8000 Firmware 2.4.4.04
NA
CVE-2020-14366
A vulnerability was found in keycloak, where path traversal using URL-encoded path segments in the request is possible because the resources endpoint applies a transformation of the url path to the file path. Only few specific folder hierarchies can be exposed by this flaw...
Redhat Keycloak
445
VMScore
CVE-2016-9177
Directory traversal vulnerability in Spark 2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI....
Sparkjava Spark
187
VMScore
CVE-2018-1047
A flaw was found in Wildfly 9.x. A path traversal vulnerability through the org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource method could lead to information disclosure of arbitrary local files....
Redhat Jboss Wildfly Application Server 9.0.0
Redhat Jboss Wildfly Application Server 9.0.1
Redhat Jboss Wildfly Application Server 9.0.2
Redhat Jboss Wildfly Application Server 10.0.0
Redhat Jboss Wildfly Application Server 10.1.0
Redhat Jboss Wildfly Application Server 11.0.0
Redhat Jboss Enterprise Application Platform 7.1.0
NA
CVE-2021-20095
Relative Path Traversal in Babel 2.9.0 allows an attacker to load arbitrary locale files on disk and execute arbitrary code....
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-13662
CVE-2021-24272
mass assignment
suitecrm
local
elevation of privilege
salesagility
CVE-2021-24293
CVE-2020-20218
CVE-2021-22893
CVE-2021-21551
Vulnerability Notification
Get Started
1
2
3
4
5
NEXT »
Vulmon
