Total: 5025 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-7171 | 1 Lynxtechnology | 1 Twonky Server | 2018-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to share the contents of arbitrary directories via a .. (dot dot) in the contentbase parameter to rpc/set_all. | |||||
| CVE-2018-1211 | 1 Dell | 2 Emc Idrac7, Emc Idrac8 | 2018-04-19 | 5.0 MEDIUM | 7.5 HIGH |
| Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain a path traversal vulnerability in its Web server's URI parser which could be used to obtain specific sensitive data without authentication. A remote unauthenticated attacker may be able to read configuration settings from the iDRAC by querying specific URI strings. | |||||
| CVE-2018-1204 | 1 Dell | 1 Emc Isilon Onefs | 2018-04-19 | 7.2 HIGH | 6.7 MEDIUM |
| Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 are affected by a path traversal vulnerability in the isi_phone_home tool. A malicious compadmin may potentially exploit this vulnerability to execute arbitrary code with root privileges. | |||||
| CVE-2014-2674 | 1 Ajax-pagination Project | 1 Ajax-pagination | 2018-04-18 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in the Ajax Pagination (twitter Style) plugin 1.1 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the loop parameter in an ajax_navigation action to wp-admin/admin-ajax.php. | |||||
| CVE-2014-3626 | 1 Grails | 1 Resources | 2018-04-18 | 5.0 MEDIUM | 7.5 HIGH |
| The Grails Resource Plugin often has to exchange URIs for resources with other internal components. Those other components will decode any URI passed to them. To protect against directory traversal the Grails Resource Plugin did the following: normalized the URI, checked that the normalized URI did not step outside the appropriate root directory (e.g. the web application root), decoded the URI and checked that this did not introduce additional /../ (and similar) sequences. A bug was introduced where the Grails Resource Plugin before 1.2.13 returned the decoded version of the URI rather than the normalized version of the URI after the directory traversal check. This exposed a double decoding vulnerability. To address this issue, the Grails Resource Plugin now repeatedly decodes the URI up to three times or until decoding no longer changes the URI. If the decode limit of 3 is exceeded the URI is rejected. A side-effect of this is that the Grails Resource Plugin is unable to serve a resource that includes a '%' character in the full path to the resource. Not all environments are vulnerable because of the differences in URL resolving in different servlet containers. Applications deployed to Tomcat 8 and Jetty 9 were found not to be vulnerable; however, applications deployed to JBoss EAP 6.3 / JBoss AS 7.4 and JBoss AS 7.1 were found to be vulnerable (other JBoss versions weren't tested). In certain cases JBoss returns JBoss-specific vfs protocol URLs from URL resolution methods (ClassLoader.getResources). The JBoss vfs URL protocol supports resolving any file on the filesystem. This made the directory traversal possible. There may be other containers, in addition to JBoss, on which this vulnerability is exposed. | |||||
| CVE-2018-7719 | 2 Acrolinx, Microsoft | 2 Acrolinx Server, Windows | 2018-04-18 | 5.0 MEDIUM | 7.5 HIGH |
| Acrolinx Server before 5.2.5 on Windows allows Directory Traversal. | |||||
| CVE-2018-10083 | 1 Cmsmadesimple | 1 Cms Made Simple | 2018-04-13 | 6.4 MEDIUM | 7.5 HIGH |
| CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary file deletion vulnerability in the admin dashboard via directory traversal sequences in the val parameter within a cmd=del request, because code under modules\FilePicker does not restrict the val parameter. | |||||
| CVE-2018-0542 | 1 Webproxy Project | 1 Webproxy | 2018-04-13 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in WebProxy version 1.7.8 allows an attacker to read arbitrary files via unspecified vectors. | |||||
| CVE-2017-14384 | 1 Dell | 1 Storage Manager | 2018-04-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| In Dell Storage Manager versions earlier than 16.3.20, the EMConfigMigration service is affected by a directory traversal vulnerability. A remote malicious user could potentially exploit this vulnerability to read unauthorized files by supplying specially crafted strings in input parameters of the application. A malicious user cannot delete or modify any files via this vulnerability. | |||||
| CVE-2018-8712 | 1 Webmin | 1 Webmin | 2018-04-10 | 5.0 MEDIUM | 9.8 CRITICAL |
| An issue was discovered in Webmin 1.840 and 1.880 when the default Yes setting of "Can view any file as a log file" is enabled. As a result of weak default configuration settings, limited users have full access rights to the underlying Unix system files, allowing the user to read sensitive data from the local system (using Local File Include) such as the '/etc/shadow' file via a "GET /syslog/save_log.cgi?view=1&file=/etc/shadow" request. | |||||
| CVE-2018-1000083 | 1 Ajenti | 1 Ajenti | 2018-04-06 | 5.0 MEDIUM | 5.3 MEDIUM |
| Ajenti version 2 contains an Improper Error Handling vulnerability in the Login JSON request that can result in the response leaking a path on the server. This attack appears to be exploitable by sending a malformed JSON request: the tool responds with a traceback error that leaks a path on the server. | |||||
| CVE-2018-7705 | 1 Securenvoy | 1 Securmail | 2018-04-06 | 5.5 MEDIUM | 8.1 HIGH |
| Directory traversal vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote authenticated users to read e-mail messages to arbitrary recipients via a .. (dot dot) in the filename parameter to secupload2/upload.aspx. | |||||
| CVE-2018-7706 | 1 Securenvoy | 1 Securmail | 2018-04-06 | 4.0 MEDIUM | 6.5 MEDIUM |
| Directory traversal vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote authenticated users to read arbitrary e-mail messages via a .. (dot dot) in the option2 parameter in an attachment action to secmail/getmessage.exe. | |||||
| CVE-2018-7654 | 1 3cx | 1 3cx | 2018-03-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| On 3CX 15.5.6354.2 devices, the parameter "file" in the request "/api/RecordingList/download?file=" allows full access to files on the server via path traversal. | |||||
| CVE-2018-1316 | 1 Apache | 1 Ode | 2018-03-27 | 6.4 MEDIUM | 7.5 HIGH |
| The ODE process deployment web service was susceptible to deployment messages with forged names. Using a path for the name allowed directory traversal, resulting in the potential writing of files under unwanted locations, the overwriting of existing files or their deletion. This issue was addressed in Apache ODE 1.3.3, which was released in 2009; however, the incorrect name CVE-2008-2370 was used on the advisory by mistake. | |||||
| CVE-2018-0525 | 1 Jubat | 1 Jubatus | 2018-03-27 | 5.0 MEDIUM | 5.3 MEDIUM |
| Directory traversal vulnerability in Jubatus 1.0.2 and earlier allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2017-17223 | 1 Huawei | 6 Espace 7910, Espace 7910 Firmware, Espace 7950 and 3 more | 2018-03-26 | 8.0 HIGH | 8.8 HIGH |
| Huawei eSpace 7910 V200R003C30; eSpace 7950 V200R003C30; eSpace 8950 V200R003C00; V200R003C30 have a directory traversal vulnerability. An authenticated, remote attacker can craft a specific URL to the affected products. Due to insufficient verification of the URL, successful exploitation will upload and download files and cause information leakage and system crash. | |||||
| CVE-2018-6810 | 1 Citrix | 4 Netscaler Application Delivery Controller, Netscaler Application Delivery Controller Firmware, Netscaler Gateway and 1 more | 2018-03-26 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allows remote attackers to traverse the directory on the target system via a crafted request. | |||||
| CVE-2018-2367 | 1 Sap | 1 Business Application Software Integrated Solution | 2018-03-23 | 6.5 MEDIUM | 8.8 HIGH |
| ABAP File Interface in SAP BASIS, from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker to exploit insufficient validation of path information provided by users; thus characters representing "traverse to parent directory" are passed through to the file APIs. | |||||
| CVE-2018-2380 | 1 Sap | 1 Customer Relationship Management | 2018-03-23 | 6.5 MEDIUM | 6.6 MEDIUM |
| SAP CRM 7.01, 7.02, 7.30, 7.31, 7.33, 7.54 allows an attacker to exploit insufficient validation of path information provided by users; thus characters representing "traverse to parent directory" are passed through to the file APIs. | |||||
