Total
8091 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-46420 | 1 Franklinfueling | 2 Ts-550 Evo, Ts-550 Evo Firmware | 2024-11-21 | 7.5 High |
| Franklin Fueling Systems FFS TS-550 evo 2.23.4.8936 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information. | ||||
| CVE-2021-46417 | 1 Franklinfueling | 2 Colibri, Colibri Firmware | 2024-11-21 | 7.5 High |
| Insecure handling of a download function leads to disclosure of internal files due to path traversal with root privileges in Franklin Fueling Systems Colibri Controller Module 1.8.19.8580. | ||||
| CVE-2021-46381 | 1 Dlink | 2 Dap-1620, Dap-1620 Firmware | 2024-11-21 | 7.5 High |
| Local File Inclusion due to path traversal in D-Link DAP-1620 leads to unauthorized internal files reading [/etc/passwd] and [/etc/shadow]. | ||||
| CVE-2021-46203 | 1 Taogogo | 1 Taocms | 2024-11-21 | 6.5 Medium |
| Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter. | ||||
| CVE-2021-46104 | 1 Webp | 1 Webp Server Go | 2024-11-21 | 7.5 High |
| An issue was discovered in webp_server_go 0.4.0. There is a directory traversal vulnerability that can read arbitrary file information on the server. | ||||
| CVE-2021-45967 | 2 Igniterealtime, Pascom | 2 Openfire, Cloud Phone System | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Pascom Cloud Phone System before 7.20.x. A configuration error between NGINX and a backend Tomcat server leads to a path traversal in the Tomcat server, exposing unintended endpoints. | ||||
| CVE-2021-45887 | 1 Ponton | 1 X\/p Messenger | 2024-11-21 | 9.8 Critical |
| An issue was discovered in PONTON X/P Messenger before 3.11.2. Due to path traversal in private/SchemaSetUpload.do for uploaded ZIP files, an executable script can be uploaded by web application administrators, giving the attacker remote code execution on the underlying server via an imgs/*.jsp URI. | ||||
| CVE-2021-45783 | 1 Bookeen | 2 Notea, Notea Firmware | 2024-11-21 | 4.6 Medium |
| Bookeen Notea Firmware BK_R_1.0.5_20210608 is affected by a directory traversal vulnerability that allows an attacker to obtain sensitive information. | ||||
| CVE-2021-45746 | 1 Webank | 1 Wecube | 2024-11-21 | 7.5 High |
| A Directory Traversal vulnerability exists in WeBankPartners wecube-platform 3.2.1 via the file variable in PluginPackageController.java. | ||||
| CVE-2021-45712 | 1 Rust-embed Project | 1 Rust-embed | 2024-11-21 | 7.5 High |
| An issue was discovered in the rust-embed crate before 6.3.0 for Rust. A ../ directory traversal can sometimes occur in debug mode. | ||||
| CVE-2021-45452 | 3 Djangoproject, Fedoraproject, Redhat | 4 Django, Fedora, Satellite and 1 more | 2024-11-21 | 5.3 Medium |
| Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory traversal if crafted filenames are directly passed to it. | ||||
| CVE-2021-45427 | 1 Emerson | 2 Xweb300d Evo, Xweb300d Evo Firmware | 2024-11-21 | 9.8 Critical |
| Emerson XWEB 300D EVO 3.0.7--3ee403 is affected by: unauthenticated arbitrary file deletion due to path traversal. An attacker can browse and delete files without any authentication due to incorrect access control and directory traversal. | ||||
| CVE-2021-45418 | 1 Starcharge | 4 Nova 360 Cabinet, Nova 360 Cabinet Firmware, Titan 180 Premium and 1 more | 2024-11-21 | 8.8 High |
| Certain Starcharge products are vulnerable to Directory Traversal via main.cgi. The affected products include: Nova 360 Cabinet <=1.3.0.0.6 - Fixed: 1.3.0.0.9 and Titan 180 Premium <=1.3.0.0.7b102 - Fixed: Beta1.3.0.1.0. | ||||
| CVE-2021-45286 | 1 Zzcms | 1 Zzcms | 2024-11-21 | 5.3 Medium |
| Directory Traversal vulnerability exists in ZZCMS 2021 via the skin parameter in 1) index.php, 2) bottom.php, and 3) top_index.php. | ||||
| CVE-2021-45043 | 1 Hd-network Real-time Monitoring System Project | 1 Hd-network Real-time Monitoring System | 2024-11-21 | 7.5 High |
| HD-Network Real-time Monitoring System 2.0 allows ../ directory traversal to read /etc/shadow via the /language/lang s_Language parameter. | ||||
| CVE-2021-45015 | 1 Taogogo | 1 Taocms | 2024-11-21 | 9.1 Critical |
| taocms 3.0.2 is vulnerable to arbitrary file deletion via taocms\include\Model\file.php from line 60 to line 72. | ||||
| CVE-2021-44977 | 1 Idreamsoft | 1 Icms | 2024-11-21 | 7.5 High |
| In iCMS <=8.0.0, a directory traversal vulnerability allows an attacker to read arbitrary files. | ||||
| CVE-2021-44965 | 1 Phpgurukul | 1 Employee Record Management System | 2024-11-21 | 7.5 High |
| Directory traversal vulnerability in /admin/includes/* directory for PHPGURUKUL Employee Record Management System 1.2 The attacker can retrieve and download sensitive information from the vulnerable server. | ||||
| CVE-2021-44737 | 1 Lexmark | 467 6500e, 6500e Firmware, B2236 and 464 more | 2024-11-21 | 8.8 High |
| PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files. | ||||
| CVE-2021-44725 | 1 Knime | 1 Knime Server | 2024-11-21 | 7.5 High |
| KNIME Server before 4.13.4 allows directory traversal in a request for a client profile. | ||||