Total
7993 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-1000062 | 1 Kitto Project | 1 Kitto | 2025-04-20 | N/A |
| kittoframework kitto 0.5.1 is vulnerable to directory traversal in the router resulting in remote code execution | ||||
| CVE-2017-10940 | 1 Joyent | 1 Triton Datacenter | 2025-04-20 | N/A |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center prior to agentsshar@1.0.0-release-20160901-20160901T051624Z-g3fd5adf (e469cf49-4de3-4658-8419-ab42837916ad). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the docker API. The process does not properly validate user-supplied data which can allow for the upload of arbitrary files. An attacker can leverage this vulnerability to execute arbitrary code under the context of root. Was ZDI-CAN-3853. | ||||
| CVE-2017-9031 | 1 Deluge-torrent | 1 Deluge | 2025-04-20 | N/A |
| The WebUI component in Deluge before 1.3.15 contains a directory traversal vulnerability involving a request in which the name of the render file is not associated with any template file. | ||||
| CVE-2017-14196 | 1 Squiz | 1 Matrix | 2025-04-20 | N/A |
| An issue was discovered in Squiz Matrix from 5.3 through to 5.3.6.1 and 5.4.1.3. An information disclosure caused by a Path Traversal issue in the 'File Bridge' plugin allowed the existence of files outside of the bridged path to be confirmed. | ||||
| CVE-2016-4323 | 3 Canonical, Debian, Pidgin | 3 Ubuntu Linux, Debian Linux, Pidgin | 2025-04-20 | N/A |
| A directory traversal exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an overwrite of files. A malicious server or someone with access to the network traffic can provide an invalid filename for a splash image triggering the vulnerability. | ||||
| CVE-2016-10400 | 1 Atutor | 1 Atutor | 2025-04-20 | N/A |
| Directory Traversal exists in ATutor before 2.2.2 via the icon parameter to /mods/_core/courses/users/create_course.php. The attacker can read an arbitrary file by visiting get_course_icon.php?id= after the traversal attack. | ||||
| CVE-2016-10331 | 1 Synology | 1 Photo Station | 2025-04-20 | N/A |
| Directory traversal vulnerability in download.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to read arbitrary files via a full pathname in the id parameter. | ||||
| CVE-2016-10330 | 1 Synology | 1 Photo Station | 2025-04-20 | N/A |
| Directory traversal vulnerability in synophoto_dsm_user, a SUID program, as used in Synology Photo Station before 6.5.3-3226 allows local users to write to arbitrary files via unspecified vectors. | ||||
| CVE-2016-10184 | 1 Dlink | 2 Dwr-932b, Dwr-932b Firmware | 2025-04-20 | 7.5 High |
| An issue was discovered on the D-Link DWR-932B router. qmiweb allows file reading with ..%2f traversal. | ||||
| CVE-2016-10048 | 2 Imagemagick, Opensuse Project | 2 Imagemagick, Leap | 2025-04-20 | N/A |
| Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors. | ||||
| CVE-2014-5301 | 1 Manageengine | 4 Assetexplorer, It360, Servicedesk Plus and 1 more | 2025-04-20 | N/A |
| Directory traversal vulnerability in ServiceDesk Plus MSP v5 to v9.0 v9030; AssetExplorer v4 to v6.1; SupportCenter v5 to v7.9; IT360 v8 to v10.4. | ||||
| CVE-2017-13996 | 1 Loytec | 2 Lvis-3me, Lvis-3me Firmware | 2025-04-20 | N/A |
| A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web user interface fails to prevent access to critical files that non administrative users should not have access to, which could allow an attacker to create or modify files or execute arbitrary code. | ||||
| CVE-2017-12791 | 1 Saltstack | 1 Salt | 2025-04-20 | N/A |
| Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.11.7 and 2017.7.x before 2017.7.1 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. | ||||
| CVE-2017-15363 | 1 Luracast | 1 Restler | 2025-04-20 | 7.5 High |
| Directory traversal vulnerability in public/examples/resources/getsource.php in Luracast Restler through 3.0.0, as used in the restler extension before 1.7.1 for TYPO3, allows remote attackers to read arbitrary files via the file parameter. | ||||
| CVE-2015-8352 | 1 Zen-cart | 1 Zen Cart | 2025-04-20 | N/A |
| Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php. | ||||
| CVE-2017-13982 | 1 Hp | 1 Bsm Platform Application Performance Management System Health | 2025-04-20 | N/A |
| A directory traversal vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows users to upload unrestricted files. | ||||
| CVE-2017-1000170 | 1 Jqueryfiletree Project | 1 Jqueryfiletree | 2025-04-20 | 7.5 High |
| jqueryFileTree 2.1.5 and older Directory Traversal | ||||
| CVE-2015-8283 | 1 Seawell Networks | 1 Spectrum Sdc | 2025-04-20 | N/A |
| Directory traversal vulnerability in configure_manage.php in SeaWell Networks Spectrum SDC 02.05.00. | ||||
| CVE-2015-8235 | 1 Call-cc | 1 Spiffy | 2025-04-20 | N/A |
| Directory traversal vulnerability in Spiffy before 5.4. | ||||
| CVE-2015-1198 | 1 Linux-ha | 1 Ha | 2025-04-20 | N/A |
| Multiple directory traversal vulnerabilities in ha 0.999p+dfsg-5. | ||||