Total
5025 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-26293 | 1 Afterlogic | 2 Aurora, Webmail Pro | 2021-03-11 | 6.8 MEDIUM | 9.8 CRITICAL |
| An issue was discovered in AfterLogic Aurora through 8.5.3 and WebMail Pro through 8.5.3, when DAV is enabled. They allow directory traversal to create new files (such as an executable file under the web root). This is related to DAVServer.php in 8.x and DAV/Server.php in 7.x. | |||||
| CVE-2021-26028 | 1 Joomla | 1 Joomla\! | 2021-03-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Joomla! 3.0.0 through 3.9.24. Extracting an specifilcy crafted zip package could write files outside of the intended path. | |||||
| CVE-2021-21298 | 1 Nodered | 1 Node-red | 2021-03-10 | 3.5 LOW | 6.5 MEDIUM |
| Node-Red is a low-code programming for event-driven applications built using nodejs. Node-RED 1.2.7 and earlier has a vulnerability which allows arbitrary path traversal via the Projects API. If the Projects feature is enabled, a user with `projects.read` permission is able to access any file via the Projects API. The issue has been patched in Node-RED 1.2.8. The vulnerability applies only to the Projects feature which is not enabled by default in Node-RED. The primary workaround is not give untrusted users read access to the Node-RED editor. | |||||
| CVE-2020-25237 | 1 Siemens | 2 Sinec Network Management System, Sinema Server | 2021-03-10 | 5.5 MEDIUM | 8.1 HIGH |
| A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1 Update 1), SINEMA Server (All versions < V14.0 SP2 Update 2). When uploading files to an affected system using a zip container, the system does not correctly check if the relative file path of the extracted files is still within the intended target directory. With this an attacker could create or overwrite arbitrary files on an affected system. This type of vulnerability is also known as 'Zip-Slip'. (ZDI-CAN-12054) | |||||
| CVE-2021-27328 | 1 Yeastar | 2 Neogate Tg400, Neogate Tg400 Firmware | 2021-03-09 | 4.0 MEDIUM | 6.5 MEDIUM |
| Yeastar NeoGate TG400 91.3.0.3 devices are affected by Directory Traversal. An authenticated user can decrypt firmware and can read sensitive information, such as a password or decryption key. | |||||
| CVE-2021-22114 | 1 Vmware | 1 Spring Integration Zip | 2021-03-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| Addresses partial fix in CVE-2018-1263. Spring-integration-zip, versions prior to 1.0.4, exposes an arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar, xz, war, cpio, 7z), that holds path traversal filenames. So when the filename gets concatenated to the target extraction directory, the final path ends up outside of the target folder. | |||||
| CVE-2021-21514 | 1 Dell | 1 Openmanage Server Administrator | 2021-03-09 | 4.0 MEDIUM | 4.9 MEDIUM |
| Dell EMC OpenManage Server Administrator (OMSA) versions 9.5 and prior contain a path traversal vulnerability. A remote user with admin privileges could potentially exploit this vulnerability to view arbitrary files on the target system by sending a specially crafted URL request. | |||||
| CVE-2021-28042 | 1 Deutschepost | 1 Mailoptimizer | 2021-03-09 | 8.3 HIGH | 7.8 HIGH |
| Deutsche Post Mailoptimizer 4.3 before 2020-11-09 allows Directory Traversal via a crafted ZIP archive to the Upload feature or the MO Connect component. This can lead to remote code execution. | |||||
| CVE-2020-9479 | 1 Apache | 1 Asterixdb | 2021-03-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| When loading a UDF, a specially crafted zip file could allow files to be placed outside of the UDF deployment directory. This issue affected Apache AsterixDB unreleased builds between commits 580b81aa5e8888b8e1b0620521a1c9680e54df73 and 28c0ee84f1387ab5d0659e9e822f4e3923ddc22d. Note: this CVE may be REJECTed as the issue did not affect any released versions of Apache AsterixDB | |||||
| CVE-2020-29529 | 1 Hashicorp | 1 Go-slug | 2021-03-08 | 5.0 MEDIUM | 7.5 HIGH |
| HashiCorp go-slug up to 0.4.3 did not fully protect against directory traversal while unpacking tar archives, and protections could be bypassed with specific constructions of multiple symlinks. Fixed in 0.5.0. | |||||
| CVE-2021-3281 | 3 Djangoproject, Fedoraproject, Netapp | 3 Django, Fedora, Snapcenter | 2021-03-05 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method (used by "startapp --template" and "startproject --template") allows directory traversal via an archive with absolute paths or relative paths with dot segments. | |||||
| CVE-2020-29600 | 3 Awstats, Debian, Fedoraproject | 3 Awstats, Debian Linux, Fedora | 2021-03-04 | 7.5 HIGH | 9.8 CRITICAL |
| In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501. | |||||
| CVE-2021-21064 | 1 Magento | 2 Upward Connector, Upward Php | 2021-03-02 | 4.0 MEDIUM | 4.9 MEDIUM |
| Magento UPWARD-php version 1.1.4 (and earlier) is affected by a Path traversal vulnerability in Magento UPWARD Connector version 1.1.2 (and earlier) due to the upload feature. An attacker could potentially exploit this vulnerability to upload a malicious YAML file that can contain instructions which allows reading arbitrary files from the remote server. Access to the admin console is required for successful exploitation. | |||||
| CVE-2021-20661 | 1 Contec | 2 Sv-cpt-mc310, Sv-cpt-mc310 Firmware | 2021-03-01 | 5.5 MEDIUM | 8.1 HIGH |
| Directory traversal vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows authenticated attackers to delete arbitrary files and/or directories on the server via unspecified vectors. | |||||
| CVE-2021-26725 | 1 Nozominetworks | 2 Central Management Control, Guardian | 2021-02-26 | 4.0 MEDIUM | 4.9 MEDIUM |
| Path Traversal vulnerability when changing timezone using web GUI of Nozomi Networks Guardian, CMC allows an authenticated administrator to read-protected system files. This issue affects: Nozomi Networks Guardian 20.0.7.3 version 20.0.7.3 and prior versions. Nozomi Networks CMC 20.0.7.3 version 20.0.7.3 and prior versions. | |||||
| CVE-2020-9050 | 1 Johnsoncontrols | 1 Metasys Reporting Engine | 2021-02-25 | 5.0 MEDIUM | 7.5 HIGH |
| Path Traversal vulnerability exists in Metasys Reporting Engine (MRE) Web Services which could allow a remote unauthenticated attacker to access and download arbitrary files from the system. | |||||
| CVE-2021-23340 | 1 Pimcore | 1 Pimcore | 2021-02-25 | 5.5 MEDIUM | 7.1 HIGH |
| This affects the package pimcore/pimcore before 6.8.8. A Local FIle Inclusion vulnerability exists in the downloadCsvAction function of the CustomReportController class (bundles/AdminBundle/Controller/Reports/CustomReportController.php). An authenticated user can reach this function with a GET request at the following endpoint: /admin/reports/custom-report/download-csv?exportFile=&91;filename]. Since exportFile variable is not sanitized, an attacker can exploit a local file inclusion vulnerability. | |||||
| CVE-2017-14120 | 2 Debian, Rarlab | 2 Debian Linux, Unrar | 2021-02-25 | 5.0 MEDIUM | 7.5 HIGH |
| unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a directory traversal vulnerability for RAR v2 archives: pathnames of the form ../[filename] are unpacked into the upper directory. | |||||
| CVE-2021-22857 | 1 Changjia Property Management System Project | 1 Changjia Property Management System | 2021-02-24 | 5.0 MEDIUM | 7.5 HIGH |
| The CGE page with download function contains a Directory Traversal vulnerability. Attackers can use this loophole to download system files arbitrarily. | |||||
| CVE-2014-2324 | 5 Contec, Debian, Lighttpd and 2 more | 7 Sv-cpt-mc310, Sv-cpt-mc310 Firmware, Debian Linux and 4 more | 2021-02-24 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname. | |||||