Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
path traversal vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2021-34701
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&...
Cisco Unified Communications Manager
Cisco Unified Communications Manager Im And Presence Service
Cisco Unity Connection
4.4
CVSSv3
CVE-2019-15266
A vulnerability in the CLI of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local malicious user to view system files that should be restricted. This vulnerability is due to improper sanitization of user-supplied input in command-line parameters that ...
Cisco Wireless Lan Controller Software
NA
CVE-2013-16053
Core Security Technologies Advisory - MayGion IP cameras suffer from path traversal and buffer overflow vulnerabilities.
6.7
CVSSv3
CVE-2023-20166
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated malicious user to perform path traversal attacks on the underlying operating system to either elevate privileges to root or read arbitrary files. To exploit these vulnerabilities, an att...
Cisco Identity Services Engine 3.2
4.9
CVSSv3
CVE-2023-20167
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated malicious user to perform path traversal attacks on the underlying operating system to either elevate privileges to root or read arbitrary files. To exploit these vulnerabilities, an att...
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine 3.2
Cisco Identity Services Engine
8.8
CVSSv3
CVE-2020-11531
The DataEngine Xnode Server application in Zoho ManageEngine DataSecurity Plus before 6.0.1 does not validate the database schema name when handling a DR-SCHEMA-SYNC request. This allows an authenticated malicious user to execute code in the context of the product by writing a JS...
Zohocorp Manageengine Adaudit Plus
Zohocorp Manageengine Datasecurity Plus
7.5
CVSSv3
CVE-2020-3177
A vulnerability in the Tool for Auto-Registered Phones Support (TAPS) of Cisco Unified Communications Manager (UCM) and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote malicious user to conduct directory traversal attac...
Cisco Unified Communications Manager 10.5\\(2.10000.5\\)
Cisco Unified Communications Manager 11.5\\(1.10000.6\\)
Cisco Unified Communications Manager 12.0\\(1.10000.10\\)
Cisco Unified Communications Manager 12.5\\(1.10000.22\\)
Cisco Unified Contact Center Express 12.0\\(1\\)
NA
CVE-2013-4900
Directory traversal vulnerability in DeWeS web server 0.4.2 and possibly earlier, as used in Twilight CMS, allows remote malicious users to read arbitrary files via a ..%5c (dot dot encoded backslash) in a GET request.
Twilightcms Twilight Cms 5.17
2 EDB exploits
7.5
CVSSv3
CVE-2013-2474
Directory traversal vulnerability in AWS XMS 2.5 allows remote malicious users to view arbitrary files via the 'what' parameter.
Aws-dms Aws Xms 2.5
1 EDB exploit
5.3
CVSSv3
CVE-2017-6805
Directory traversal vulnerability in the TFTP server in MobaXterm Personal Edition 9.4 allows remote malicious users to read arbitrary files via a .. (dot dot) in a GET command.
Mobatek Mobaxterm 9.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »