Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
path traversal vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-22629
An issue exists in TitanFTP up to and including 1.94.1205. The move-file function has a path traversal vulnerability in the newPath parameter. An authenticated attacker can upload any file and then move it anywhere on the server's filesystem.
Southrivertech Titan Ftp Server
5.5
CVSSv2
CVE-2021-26601
ImpressCMS prior to 1.4.3 allows libraries/image-editor/image-edit.php image_temp Directory Traversal.
Impresscms Impresscms
NA
CVE-2020-128272
MJML versions 4.6.2 and below suffer from a path traversal vulnerability.
4
CVSSv2
CVE-2022-27248
A directory traversal vulnerability in IdeaRE RefTree prior to 2021.09.17 allows remote authenticated users to download arbitrary .dwg files from a remote server by specifying an absolute or relative path when invoking the affected DownloadDwg endpoint. An attack uses the path fi...
Idearespa Reftree
4
CVSSv2
CVE-2017-14537
trixbox 2.8.0.4 has path traversal via the xajaxargs array parameter to /maint/index.php?packages or the lang parameter to /maint/modules/home/index.php.
Netfortris Trixbox 2.8.0.4
NA
CVE-2023-30451
In TYPO3 11.5.24, the filelist component allows attackers (who have access to the administrator panel) to read arbitrary files via directory traversal in the baseuri field, as demonstrated by POST /typo3/record/edit with ../../../ in data[sys_file_storage]*[data][sDEF][lDEF][base...
Typo3 Typo3 11.5.24
5
CVSSv2
CVE-2017-11456
Geneko GWR routers allow directory traversal sequences starting with a /../ substring, as demonstrated by unauthenticated read access to the configuration file.
Geneko Gwr352 3g Router Firmware -
Geneko Gwr352wv Wide Voltage 3g Router Firmware -
Geneko Gwr252 Edge Router Firmware -
Geneko Gwr202 Gprs Router Firmware -
1 EDB exploit
4
CVSSv2
CVE-2018-18809
The default server implementation of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library Community Edition, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperRepo...
Tibco Jasperreports Server 6.4.0
Tibco Jasperreports Library 6.4.1
Tibco Jasperreports Server 6.4.2
Tibco Jasperreports Library 6.4.2
Tibco Jasperreports Server
Tibco Jasperreports Server 6.4.1
Tibco Jasperreports Server 6.4.3
Tibco Jasperreports Server 7.1.0
Tibco Jasperreports Server 6.3.4
Tibco Jasperreports Library
Tibco Jasperreports Library 6.3.4
Tibco Jasperreports Library 6.4.21
Tibco Jasperreports Library 7.1.0
Tibco Jasperreports Library 7.2.0
Tibco Jaspersoft Reporting And Analytics
Tibco Jaspersoft
10
CVSSv2
CVE-2015-0984
Directory traversal vulnerability in the FTP server on Honeywell Excel Web XL1000C50 52 I/O, XL1000C100 104 I/O, XL1000C500 300 I/O, XL1000C1000 600 I/O, XL1000C50U 52 I/O UUKL, XL1000C100U 104 I/O UUKL, XL1000C500U 300 I/O UUKL, and XL1000C1000U 600 I/O UUKL controllers prior to...
Honeywell Excel Web Xl 1000c50 52 I\\/o
Honeywell Excel Web Xl 1000c1000 600 I\\/o Uukl
Honeywell Excel Web Xl 1000c500 300 I\\/o
Honeywell Excel Web Xl 1000c1000 600 I\\/o
Honeywell Excel Web Xl 1000c50u 52 I\\/o Uukl
Honeywell Excel Web Xl 1000c100u 104 I\\/o Uukl
Honeywell Excel Web Xl 1000c100 104 I\\/o
Honeywell Excel Web Xl 1000c500 300 I\\/o Uukl
NA
CVE-2023-40279
An issue exists in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to main.do.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »