Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
path traversal vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-0296
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote malicious user to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software ...
Cisco Adaptive Security Appliance Software 8.1\\(2.5\\)
Cisco Adaptive Security Appliance Software
Cisco Firepower Threat Defense 6.2.3
Cisco Firepower Threat Defense
Cisco Firepower Threat Defense 6.2.3.1
Cisco Firepower Threat Defense 6.2.3-851
Cisco Firepower Threat Defense 6.2.3-85.02
2 EDB exploits
11 Github repositories
1 Article
4
CVSSv2
CVE-2019-3474
A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server. This vulnerability affects all versions of Filr 3.x prior to Security Update 6.
Microfocus Filr 3.0
1 EDB exploit
7.2
CVSSv2
CVE-2019-3475
A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. This vulnerability affects all versions of Filr 3.x prior to Security Update 6.
Microfocus Filr 3.0
1 EDB exploit
4.3
CVSSv2
CVE-2021-41381
Payara Micro Community 5.2021.6 and below allows Directory Traversal.
Payara Micro Community
1 Github repository
6.5
CVSSv2
CVE-2017-9640
A Path Traversal issue exists in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web before 6.5; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prio...
Automatedlogic I-vu
Automatedlogic Sitescan Web
Carrier Automatedlogic Webctrl
1 EDB exploit
4.3
CVSSv2
CVE-2019-3799
Spring Cloud Config, versions 2.1.x before 2.1.2, versions 2.0.x before 2.0.4, and versions 1.4.x before 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, c...
Vmware Spring Cloud Config
Oracle Communications Cloud Native Core Policy 1.15.0
1 EDB exploit
2 Github repositories
7.8
CVSSv2
CVE-2008-4361
Directory traversal vulnerability in PowerPortal 2.0.13 allows remote malicious users to list and possibly read arbitrary files via a .. (dot dot) in the path parameter to the default URI.
Powerportal Powerportal 2.0.13
1 EDB exploit
7.5
CVSSv2
CVE-2018-15540
Agentejo Cockpit performs actions on files without appropriate validation and therefore allows an malicious user to traverse the file system to unintended locations and/or access arbitrary files, aka /media/api Directory Traversal.
Agentejo Cockpit -
4.1
CVSSv2
CVE-2019-7227
In the ABB IDAL FTP server, an authenticated attacker can traverse to arbitrary directories on the hard disk with "CWD ../" and then use the FTP server functionality to download and upload files. An unauthenticated attacker can take advantage of the hardcoded or default...
Abb Pb610 Panel Builder 600 Firmware
NA
CVE-2023-33747
CloudPanel v2.2.2 allows malicious users to execute a path traversal.
Mgt-commerce Cloudpanel
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »