Total: 6658 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2019-17314 | 1 Sugarcrm | 1 Sugarcrm | 2019-10-09 | 6.5 MEDIUM | 7.2 HIGH | SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Configurator module by an Admin user. |
| CVE-2019-17313 | 1 Sugarcrm | 1 Sugarcrm | 2019-10-09 | 6.5 MEDIUM | 8.8 HIGH | SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Studio module by a Developer user. |
| CVE-2019-16198 | 1 Kslabs | 1 Ksweb | 2019-10-09 | 4.0 MEDIUM | 6.5 MEDIUM | KSLabs KSWEB 3.93 allows ../ directory traversal, as demonstrated by the hostFile parameter. |
| CVE-2019-17175 | 1 Joyplus-cms Project | 1 Joyplus-cms | 2019-10-08 | 5.0 MEDIUM | 7.5 HIGH | joyplus-cms 1.6.0 allows manager/admin_pic.php?rootpath= absolute path traversal. |
| CVE-2019-8291 | 1 Online Store System Project | 1 Online Store System | 2019-10-07 | 6.4 MEDIUM | 7.5 HIGH | Online Store System v1.0 delete_file.php doesn't check to see if a user has administrative rights, nor does it check for path traversal. |
| CVE-2019-17073 | 1 Emlog | 1 Emlog | 2019-10-04 | 5.5 MEDIUM | 6.5 MEDIUM | emlog through 6.0.0beta allows remote authenticated users to delete arbitrary files via admin/template.php?action=del&tpl=../ directory traversal. |
| CVE-2017-14849 | 1 Nodejs | 1 Node.js | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH | Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended files, because a change to ".." handling was incompatible with the pathname validation used by unspecified community modules. |
| CVE-2017-10993 | 1 Contao | 1 Contao Cms | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH | Contao before 3.5.28 and 4.x before 4.4.1 allows remote attackers to include and execute arbitrary local PHP files via a crafted parameter in a URL, aka Directory Traversal. |
| CVE-2018-7296 | 1 Eq-3 | 2 Homematic Central Control Unit Ccu2, Homematic Central Control Unit Ccu2 Firmware | 2019-10-03 | 5.0 MEDIUM | 5.3 MEDIUM | Directory Traversal / Arbitrary File Read in the User.getLanguage method in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to read the first line of an arbitrary file on the CCU2's filesystem. This vulnerability can be exploited by unauthenticated attackers with access to the web interface. |
| CVE-2018-20144 | 1 Gitlab | 1 Gitlab | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH | GitLab Community and Enterprise Edition 11.x before 11.3.13, 11.4.x before 11.4.11, and 11.5.x before 11.5.4 has Incorrect Access Control. |
| CVE-2018-9038 | 1 Monstra | 1 Monstra | 2019-10-03 | 5.5 MEDIUM | 6.5 MEDIUM | Monstra CMS 3.0.4 allows remote attackers to delete files via an admin/index.php?id=filesmanager&delete_dir=./&path=uploads/ request. |
| CVE-2018-1000647 | 1 Librehealth | 1 Librehealth Ehr | 2019-10-03 | 5.5 MEDIUM | 7.1 HIGH | LibreHealthIO lh-ehr version REL-2.0.0 contains an Authenticated Unrestricted File Deletion vulnerability in Import template that can result in Denial of service. This attack appears to be exploitable via a user-controlled parameter. |
| CVE-2018-15610 | 1 Avaya | 1 Ip Office | 2019-10-03 | 9.0 HIGH | 8.8 HIGH | A vulnerability in the one-X Portal component of Avaya IP Office allows an authenticated attacker to read and delete arbitrary files on the system. Affected versions of Avaya IP Office include 9.1 through 9.1 SP12, 10.0 through 10.0 SP7, and 10.1 through 10.1 SP2. |
| CVE-2018-7770 | 1 Schneider-electric | 1 U.motion | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM | The vulnerability exists within processing of sendmail.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The applet allows callers to select arbitrary files to send to an arbitrary email address. |
| CVE-2017-11589 | 1 Cisco | 2 Residential Gateway, Residential Gateway Firmware | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL | On Cisco DDR2200 ADSL2+ Residential Gateway DDR2200B-NA-AnnexA-FCC-V00.00.03.45.4E and DDR2201v1 ADSL2+ Residential Gateway DDR2201v1-NA-AnnexA-FCC-V00.00.03.28.3 devices, there is no access control for info.html, wancfg.cmd, rtroutecfg.cmd, arpview.cmd, cpuview.cmd, memoryview.cmd, statswan.cmd, statsatm.cmd, scsrvcntr.cmd, scacccntr.cmd, logview.cmd, voicesipview.cmd, usbview.cmd, wlmacflt.cmd, wlwds.cmd, wlstationlist.cmd, HPNAShow.cmd, HPNAView.cmd, qoscls.cmd, qosqueue.cmd, portmap.cmd, scmacflt.cmd, scinflt.cmd, scoutflt.cmd, certlocal.cmd, or certca.cmd. |
| CVE-2018-1000863 | 2 Jenkins, Redhat | 2 Jenkins, Openshift Container Platform | 2019-10-03 | 6.4 MEDIUM | 8.2 HIGH | A data modification vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in User.java, IdStrategy.java that allows attackers to submit crafted user names that can cause an improper migration of user record storage formats, potentially preventing the victim from logging into Jenkins. |
| CVE-2018-9159 | 1 Sparkjava | 1 Spark | 2019-10-03 | 5.0 MEDIUM | 5.3 MEDIUM | In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. NOTE: this product is unrelated to Ignite Realtime Spark. |
| CVE-2017-5219 | 1 Sagecrm | 1 Sagecrm | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL | An issue was discovered in SageCRM 7.x before 7.3 SP3. The Component Manager functionality, provided by SageCRM, permits additional components to be added to the application to enhance provided functionality. This functionality allows a zip file to be uploaded, containing a valid .ecf component file, which will be extracted to the inf directory outside of the webroot. By creating a zip file containing an empty .ecf file, to pass file-validation checks, any other file provided in the zip file will be extracted onto the filesystem. In this case, a web shell with the filename '..\WWWRoot\CustomPages\aspshell.asp' was included within the zip file that, when extracted, traversed back out of the inf directory and into the SageCRM webroot. This permitted remote interaction with the underlying filesystem with the highest privilege level, SYSTEM. |
| CVE-2017-8314 | 2 Debian, Kodi | 2 Debian Linux, Kodi | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM | Directory Traversal in the Zip Extraction built-in function in Kodi 17.1 and earlier allows arbitrary file write on disk via a Zip file as subtitles. |
| CVE-2017-5539 | 1 B2evolution | 1 B2evolution | 2019-10-03 | 9.0 HIGH | 9.1 CRITICAL | The patch for directory traversal (CVE-2017-5480) in b2evolution version 6.8.4-stable has a bypass vulnerability. An attacker can use ..\/ to bypass the filter rule. Then, this attacker can exploit this vulnerability to delete or read any files on the server. It can also be used to determine whether a file exists. |
