Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
path traversal vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-42804
Pandora FMS versions 3.1 and below suffer from authentication bypass, os command injection, remote SQL injection, remote file inclusion and path traversal vulnerabilities.
9.8
CVSSv3
CVE-2019-19228
Fronius Solar Inverter devices prior to 3.14.1 (HM 1.12.1) allow malicious users to bypass authentication because the password for the today account is stored in the /tmp/web_users.conf file.
Fronius Datamanager Box 2.0 Firmware
Fronius Eco 25.0-3-s Firmware
Fronius Eco 27.0-3-s Firmware
Fronius Galvo 1.5-1 Firmware
Fronius Galvo 1.5-1 208-240 Firmware
Fronius Galvo 2.0-1 Firmware
Fronius Galvo 2.0-1 208-240 Firmware
Fronius Galvo 2.5-1 Firmware
Fronius Galvo 2.5-1 208-240 Firmware
Fronius Galvo 3.0-1 Firmware
Fronius Galvo 3.1-1 Firmware
Fronius Galvo 3.1-1 208-240 Firmware
Fronius Primo 10.0-1 208-240 Firmware
Fronius Primo 11.4-1 208-240 Firmware
Fronius Primo 12.5-1 208-240 Firmware
Fronius Primo 15.0-1 208-240 Firmware
Fronius Primo 3.0-1 Firmware
Fronius Primo 3.5-1 Firmware
Fronius Primo 3.6-1 Firmware
Fronius Primo 3.8-1 208-240 Firmware
Fronius Primo 4.0-1 Firmware
Fronius Primo 4.6-1 Firmware
6.5
CVSSv3
CVE-2019-19229
admincgi-bin/service.fcgi on Fronius Solar Inverter devices prior to 3.14.1 (HM 1.12.1) allows action=download&filename= Directory Traversal.
Fronius Datamanager Box 2.0 Firmware
Fronius Eco 25.0-3-s Firmware
Fronius Eco 27.0-3-s Firmware
Fronius Galvo 1.5-1 Firmware
Fronius Galvo 1.5-1 208-240 Firmware
Fronius Galvo 2.0-1 Firmware
Fronius Galvo 2.0-1 208-240 Firmware
Fronius Galvo 2.5-1 Firmware
Fronius Galvo 2.5-1 208-240 Firmware
Fronius Galvo 3.0-1 Firmware
Fronius Galvo 3.1-1 Firmware
Fronius Galvo 3.1-1 208-240 Firmware
Fronius Primo 10.0-1 208-240 Firmware
Fronius Primo 11.4-1 208-240 Firmware
Fronius Primo 12.5-1 208-240 Firmware
Fronius Primo 15.0-1 208-240 Firmware
Fronius Primo 3.0-1 Firmware
Fronius Primo 3.5-1 Firmware
Fronius Primo 3.6-1 Firmware
Fronius Primo 3.8-1 208-240 Firmware
Fronius Primo 4.0-1 Firmware
Fronius Primo 4.6-1 Firmware
6.3
CVSSv3
CVE-2013-1429
Lintian prior to 2.5.12 allows remote malicious users to gather information about the "host" system using crafted symlinks.
Debian Lintian 2.5.11
Debian Lintian
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 12.04
8.1
CVSSv3
CVE-2020-3519
A vulnerability in a specific REST API method of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote malicious user to conduct a path traversal attack on an affected device. The vulnerability is due to insufficient validation of user-supplied in...
Cisco Data Center Network Manager
NA
CVE-2015-7254
Directory traversal vulnerability on Huawei HG532e, HG532n, and HG532s devices allows remote malicious users to read arbitrary files via a .. (dot dot) in an icon/ URI.
Huawei Hg532s -
Huawei Hg532e -
Huawei Hg532n -
8.1
CVSSv3
CVE-2018-0464
A vulnerability in Cisco Data Center Network Manager software could allow an authenticated, remote malicious user to conduct directory traversal attacks and gain access to sensitive files on the targeted system. The vulnerability is due to improper validation of user requests wit...
Cisco Prime Data Center Network Manager 6.3\\(1\\)
Cisco Prime Data Center Network Manager 10.2
Cisco Prime Data Center Network Manager 7.0\\(1\\)
Cisco Prime Data Center Network Manager 7.0\\(2\\)
Cisco Prime Data Center Network Manager 7.1\\(1\\)
Cisco Prime Data Center Network Manager 10.0
Cisco Prime Data Center Network Manager 6.3\\(2\\)
Cisco Prime Data Center Network Manager 10.1
Cisco Prime Data Center Network Manager 10.3\\(1\\)
4.9
CVSSv3
CVE-2020-3490
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative privileges to conduct directory traversal attacks and obtain read access to sensitive files on an affected system. The ...
Cisco Vision Dynamic Signage Director 6.2.0
6.5
CVSSv3
CVE-2020-27994
SolarWinds Serv-U prior to 15.2.2 allows Authenticated Directory Traversal.
Solarwinds Serv-u
1 Github repository
NA
CVE-2010-42805
Pandora FMS versions 3.1 and below suffer from authentication bypass, os command injection, remote SQL injection, remote file inclusion and path traversal vulnerabilities.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »