Total
5025 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-27577 | 1 Flarum | 1 Flarum | 2023-03-16 | N/A | 4.9 MEDIUM |
flarum is a forum software package for building communities. In versions prior to 1.7.0 an admin account which has already been compromised by an attacker may use a vulnerability in the `LESS` parser which can be exploited to read sensitive files on the server through the use of path traversal techniques. An attacker can achieve this by providing an absolute path to a sensitive file in the custom `LESS` setting, which the `LESS` parser will then read. For example, an attacker could use the following code to read the contents of the `/etc/passwd` file on a linux machine. The scope of what files are vulnerable will depend on the permissions given to the running flarum process. The vulnerability has been addressed in version `1.7`. Users should upgrade to this version to mitigate the vulnerability. Users unable to upgrade may mitigate the vulnerability by ensuring that their admin accounts are secured with strong passwords and follow other best practices for account security. Additionally, users can limit the exposure of sensitive files on the server by implementing appropriate file permissions and access controls at the operating system level. | |||||
CVE-2023-25814 | 1 Metersphere | 1 Metersphere | 2023-03-15 | N/A | 6.5 MEDIUM |
metersphere is an open source continuous testing platform. In versions prior to 2.7.1 a user who has permission to create a resource file through UI operations is able to append a path to their submission query which will be read by the system and displayed to the user. This allows a users of the system to read arbitrary files on the filesystem of the server so long as the server process itself has permission to read the requested files. This issue has been addressed in version 2.7.1. All users are advised to upgrade. There are no known workarounds for this issue. | |||||
CVE-2023-27475 | 1 Goutil Project | 1 Goutil | 2023-03-15 | N/A | 8.8 HIGH |
Goutil is a collection of miscellaneous functionality for the go language. In versions prior to 0.6.0 when users use fsutil.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. This vulnerability is known as a ZipSlip. This issue has been fixed in version 0.6.0, users are advised to upgrade. There are no known workarounds for this issue. | |||||
CVE-2023-23760 | 1 Github | 1 Enterprise Server | 2023-03-14 | N/A | 8.8 HIGH |
A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to versions 3.8 and was fixed in versions 3.7.7, 3.6.10, 3.5.14, and 3.4.17. This vulnerability was reported via the GitHub Bug Bounty program. | |||||
CVE-2021-33353 | 1 Wyomind | 1 Help Desk | 2023-03-14 | N/A | 9.8 CRITICAL |
Directory Traversal vulnerability in Wyomind Help Desk Magento 2 extension v.1.3.6 and before fixed in v.1.3.7 allows attacker to execute arbitrary code via the file attachment directory setting. | |||||
CVE-2022-42476 | 1 Fortinet | 2 Fortios, Fortiproxy | 2023-03-14 | N/A | 8.2 HIGH |
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.11, FortiProxy version 7.2.0 through 7.2.2 and 7.0.0 through 7.0.8 allows privileged VDOM administrators to escalate their privileges to super admin of the box via crafted CLI requests. | |||||
CVE-2017-20181 | 1 Vocable Trainer Project | 1 Vocable Trainer | 2023-03-14 | N/A | 5.5 MEDIUM |
A vulnerability classified as critical was found in hgzojer Vocable Trainer up to 1.3.0. This vulnerability affects unknown code of the file src/at/hgz/vocabletrainer/VocableTrainerProvider.java. The manipulation leads to path traversal. Attacking locally is a requirement. Upgrading to version 1.3.1 is able to address this issue. The name of the patch is accf6838078f8eb105cfc7865aba5c705fb68426. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-222328. | |||||
CVE-2022-41328 | 1 Fortinet | 1 Fortios | 2023-03-14 | N/A | 7.1 HIGH |
A improper limitation of a pathname to a restricted directory vulnerability ('path traversal') [CWE-22] in Fortinet FortiOS version 7.2.0 through 7.2.3, 7.0.0 through 7.0.9 and before 6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via crafted CLI commands. | |||||
CVE-2022-48362 | 1 Zohocorp | 1 Manageengine Desktop Central | 2023-03-14 | N/A | 8.8 HIGH |
Zoho ManageEngine Desktop Central and Desktop Central MSP before 10.1.2137.2 allow directory traversal via computerName to AgentLogUploadServlet. A remote, authenticated attacker could upload arbitrary code that would be executed when Desktop Central is restarted. (The attacker could authenticate by exploiting CVE-2021-44515.) | |||||
CVE-2023-25304 | 1 Prismlauncher | 1 Prism Launcher | 2023-03-13 | N/A | 7.8 HIGH |
Prism Launcher <= 6.1 is vulnerable to Directory Traversal. | |||||
CVE-2023-22336 | 1 Dos-osaka | 2 Rakuraku Pc Cloud Agent, Ss1 | 2023-03-13 | N/A | 9.8 CRITICAL |
Path traversal vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC Cloud Agent Ver.2.1.8 and earlier allows a remote attacker to upload a specially crafted file to an arbitrary directory. As a result of exploiting this vulnerability with CVE-2023-22335 and CVE-2023-22344 vulnerabilities together, it may allow a remote attacker to execute an arbitrary code with SYSTEM privileges by sending a specially crafted script to the affected device. | |||||
CVE-2023-1191 | 1 Xjd2020 | 1 Fastcms | 2023-03-10 | N/A | 7.2 HIGH |
A vulnerability classified as problematic has been found in fastcms. This affects an unknown part of the file admin/TemplateController.java of the component ZIP File Handler. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The associated identifier of this vulnerability is VDB-222363. | |||||
CVE-2023-26111 | 2 \@nubosoftware\/node-static Project, Node-static Project | 2 \@nubosoftware\/node-static, Node-static | 2023-03-10 | N/A | 7.5 HIGH |
All versions of the package @nubosoftware/node-static; all versions of the package node-static are vulnerable to Directory Traversal due to improper file path sanitization in the startsWith() method in the servePath function. | |||||
CVE-2023-22772 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2023-03-10 | N/A | 6.5 MEDIUM |
An authenticated path traversal vulnerability exists in the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in the ability to delete arbitrary files in the underlying operating system. | |||||
CVE-2023-1163 | 1 Draytek | 2 Vigor 2960, Vigor 2960 Firmware | 2023-03-10 | N/A | 6.5 MEDIUM |
A vulnerability has been found in DrayTek Vigor 2960 1.5.1.4 and classified as problematic. Affected by this vulnerability is the function sub_1DA58 of the file mainfunction.cgi. The manipulation leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222259. | |||||
CVE-2022-41722 | 2 Golang, Microsoft | 2 Go, Windows | 2023-03-10 | N/A | 7.5 HIGH |
A path traversal vulnerability exists in filepath.Clean on Windows. On Windows, the filepath.Clean function could transform an invalid path such as "a/../c:/b" into the valid path "c:\b". This transformation of a relative (if invalid) path into an absolute path could enable a directory traversal attack. After fix, the filepath.Clean function transforms this path into the relative (but still invalid) path ".\c:\b". | |||||
CVE-2020-5001 | 1 Ibm | 1 Financial Transaction Manager | 2023-03-09 | N/A | 7.5 HIGH |
IBM Financial Transaction Manager 3.2.0 through 3.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 192953. | |||||
CVE-2023-0511 | 1 Forgerock | 1 Java Policy Agents | 2023-03-09 | N/A | 9.8 CRITICAL |
Relative Path Traversal vulnerability in ForgeRock Access Management Java Policy Agent allows Authentication Bypass. This issue affects Access Management Java Policy Agent: all versions up to 5.10.1 | |||||
CVE-2023-0339 | 1 Forgerock | 1 Web Policy Agents | 2023-03-09 | N/A | 9.8 CRITICAL |
Relative Path Traversal vulnerability in ForgeRock Access Management Web Policy Agent allows Authentication Bypass. This issue affects Access Management Web Policy Agent: all versions up to 5.10.1 | |||||
CVE-2022-3162 | 1 Kubernetes | 1 Kubernetes | 2023-03-08 | N/A | 6.5 MEDIUM |
Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group. |