Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
path traversal vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-37474
Copyparty is a portable file server. Versions before 1.8.2 are subject to a path traversal vulnerability detected in the `.cpr` subfolder. The Path Traversal attack technique allows an attacker access to files, directories, and commands that reside outside the web document root d...
Copyparty Project Copyparty
NA
CVE-2015-8357
Directory traversal vulnerability in the bitrix.xscan module prior to 1.0.4 for Bitrix allows remote authenticated users to rename arbitrary files, and consequently obtain sensitive information or cause a denial of service, via a .. (dot dot) in the file parameter to admin/bitrix...
Bitrix Xscan
1 EDB exploit
NA
CVE-2013-6688
Directory traversal vulnerability in the license-upload interface in the Enterprise License Manager (ELM) component in Cisco Unified Communications Manager 9.1(1) and previous versions allows remote authenticated users to create arbitrary files via a crafted path, aka Bug ID CSCu...
Cisco Unified Communications Manager 8.6\\(1a\\)
Cisco Unified Communications Manager 8.6\\(1\\)
Cisco Unified Communications Manager 8.6
Cisco Unified Communications Manager 8.5\\(1\\)su5
Cisco Unified Communications Manager 8.0\\(2b\\)
Cisco Unified Communications Manager 8.0\\(2a\\)
Cisco Unified Communications Manager 8.0\\(2\\)
Cisco Unified Communications Manager 8.0\\(1\\)
Cisco Unified Communications Manager 7.1\\(5\\)
Cisco Unified Communications Manager 7.1\\(3b\\)su2
Cisco Unified Communications Manager 7.1\\(3b\\)su1
Cisco Unified Communications Manager 7.1\\(3b\\)
Cisco Unified Communications Manager 7.1\\(3a\\)su1a
Cisco Unified Communications Manager 7.0\\(1\\)su1
Cisco Unified Communications Manager 6.1\\(5\\)su3
Cisco Unified Communications Manager 6.1\\(5\\)su2
Cisco Unified Communications Manager 6.1\\(5\\)su1
Cisco Unified Communications Manager 6.1\\(1a\\)
Cisco Unified Communications Manager 6.1\\(1\\)
Cisco Unified Communications Manager 6.0\\(1b\\)
Cisco Unified Communications Manager 6.0\\(1a\\)
Cisco Unified Communications Manager 5.1\\(1\\)
8.8
CVSSv3
CVE-2022-20962
A vulnerability in the Localdisk Management feature of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to make unauthorized changes to the file system of an affected device. This vulnerability is due to insufficient input validation. An at...
Cisco Identity Services Engine 3.1
10
CVSSv3
CVE-2017-12815
Analysis of the Bomgar Remote Support Portal JavaStart.jar Applet 52790 and previous versions revealed that it is vulnerable to a path traversal vulnerability. The archive can be downloaded from a given Bomgar Remote Support Portal deployment at https://domain/api/content/JavaSta...
Bomgar Remote Support -
6.7
CVSSv3
CVE-2019-12666
A vulnerability in the Guest Shell of Cisco IOS XE Software could allow an authenticated, local malicious user to perform directory traversal on the base Linux operating system of Cisco IOS XE Software. The vulnerability is due to incomplete validation of certain commands. An att...
Cisco Ios Xe
Cisco Ios Xe 16.11.1
NA
CVE-2021-1132
A vulnerability in the API subsystem and in the web-management interface of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to access sensitive data. This vulnerability exists because the web-management interface and certain HTTP-based AP...
9.8
CVSSv3
CVE-2022-28219
Cewolf in Zoho ManageEngine ADAudit Plus prior to 7060 is vulnerable to an unauthenticated XXE attack that leads to Remote Code Execution.
Zohocorp Manageengine Adaudit Plus 7.0
Zohocorp Manageengine Adaudit Plus
5 Github repositories
6.5
CVSSv3
CVE-2021-27328
Yeastar NeoGate TG400 91.3.0.3 devices are affected by Directory Traversal. An authenticated user can decrypt firmware and can read sensitive information, such as a password or decryption key.
Yeastar Neogate Tg400 Firmware 91.3.0.3
2 Github repositories
5.5
CVSSv3
CVE-2023-20040
A vulnerability in the NETCONF service of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote malicious user to cause a denial of service (DoS) on an affected system that is running as the root user. To exploit this vulnerability, the attacker must be a...
Cisco Network Services Orchestrator
Cisco Network Services Orchestrator 5.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »