Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

path traversal vulnerabilities and exploits

(subscribe to this query)

7.5
CVSSv3
CVE-2020-7666
This affects all versions of package github.com/u-root/u-root/pkg/cpio. It is vulnerable to leading, non-leading relative path traversal attacks and symlink based (relative and absolute) path traversal attacks in cpio file extraction....
U-root U-root
NA
CVE-2006-2211
Absolute path traversal vulnerability in index.php in 321soft PhP-Gallery 0.9 allows remote attackers to browse arbitrary directories via the path parameter....
321soft Php-gallery 0.9
7.5
CVSSv3
CVE-2018-3787
Path traversal in simplehttpserver <v0.2.1 allows listing any file on the server....
Simplehttpserver Project Simplehttpserver
7.5
CVSSv3
CVE-2018-3734
stattic node module suffers from a Path Traversal vulnerability due to lack of validation of path, which allows a malicious user to read content of any file with known path....
Stattic Project Stattic 0.2.3
7.1
CVSSv3
CVE-2017-7929
An Absolute Path Traversal issue was discovered in Advantech WebAccess Version 8.1 and prior. The absolute path traversal vulnerability has been identified, which may allow an attacker to traverse the file system to access restricted files or directories....
Advantech Webaccess
9.8
CVSSv3
CVE-2019-10137
A path traversal flaw was found in spacewalk-proxy, all versions through 2.9, in the way the proxy processes cached client tokens. A remote, unauthenticated attacker could use this flaw to test the existence of arbitrary files, if they have access to the proxy's filesystem,...
Redhat Satellite 5.0Redhat Spacewalk
8.8
CVSSv3
CVE-2020-5187
DNN (formerly DotNetNuke) through 9.4.4 allows Path Traversal (issue 2 of 2)....
Dnnsoftware Dotnetnuke
7.5
CVSSv3
CVE-2018-20792
tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary file via path traversal with the path parameter, through the get_file action in ajax_calls.php....
Tecrail Responsive Filemanager 9.13.4
6.5
CVSSv3
CVE-2015-9538
The NextGEN Gallery plugin before 2.1.15 for WordPress allows ../ Directory Traversal in path selection....
Imagely Nextgen Gallery
7.5
CVSSv3
CVE-2016-7162
The _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive....
Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 16.04File Roller Project File Roller 3.5.4File Roller Project File Roller 3.6.0File Roller Project File Roller 3.6.1File Roller Project File Roller 3.6.1.1File Roller Project File Roller 3.6.2File Roller Project File Roller 3.6.3File Roller Project File Roller 3.6.4File Roller Project File Roller 3.8.0File Roller Project File Roller 3.8.1File Roller Project File Roller 3.8.2File Roller Project File Roller 3.8.3File Roller Project File Roller 3.9.0File Roller Project File Roller 3.9.1File Roller Project File Roller 3.9.2File Roller Project File Roller 3.9.3File Roller Project File Roller 3.10File Roller Project File Roller 3.15File Roller Project File Roller 3.20File Roller Project File Roller 3.20.1File Roller Project File Roller 3.20.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-34595CVE-2022-23713CVE-2022-21786hard-codedremote attackerscross-site request forgeryCVE-2022-2274CVE-2021-37839CVE-2022-26135
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook