Lucene search
K

50323 matches found

NVD
NVD
added yesterday5 views

CVE-2026-13251

The Perfmatters plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.6.4 via the 's' parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information...

7.5CVSS0.0082EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday76 views

Wowza Streaming Engine Manager 4.7.4.01 - Directory Traversal

Wowza Streaming Engine 4.7.4.01 allows traversal of the directory structure and retrieval of a file via a remote, specifically crafted HTTP request to the REST API. id: CVE-2018-19365 info: name: Wowza Streaming Engine Manager 4.7.4.01 - Directory Traversal author: 0xAkoko severity: critical...

9.1CVSS7.3AI score0.22292EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday41 views

NetAlert X - Arbitary File Read

A directory traversal vulnerability has been identified in NetAlertX versions v24.7.18 - v24.9.12. id: CVE-2024-48766 info: name: NetAlert X - Arbitary File Read author: s4e-io severity: critical description: | A directory traversal vulnerability has been identified in NetAlertX versions v24.7.18...

8.6CVSS7AI score0.56951EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday23 views

Cartadis Gespage 8.2.1 - Directory Traversal

Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData. id: CVE-2021-33807 info: name: Cartadis Gespage 8.2.1 - Directory Traversal author: daffainfo severity: high description: Cartadis Gespage through 8.2.1 allows Directory Traversa...

7.5CVSS7.1AI score0.1411EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday9 views

White Star Software ProTop - Directory Traversal

A directory traversal vulnerability was discovered in White Star Software Protop version 4.4.2-2024-11-27, specifically in the /pt3upd/ endpoint. An unauthenticated attacker can remotely read arbitrary files on the underlying OS using encoded traversal sequences. id: CVE-2025-44177 info: name:...

8.2CVSS7.5AI score0.04173EPSS
Exploits3References4
Nuclei
Nuclei
added yesterday15 views

MapTiler Tileserver-php v2.0 - Unauthenticated File Read

MapTiler Tileserver-php v2.0 contains a directory traversal caused by improper sanitization of GET parameters in renderTile function, letting attackers read arbitrary files on the server, exploit requires crafted web requests id: CVE-2025-44137 info: name: MapTiler Tileserver-php v2.0 -...

8.2CVSS7.5AI score0.0136EPSS
Exploits2References2
Nuclei
Nuclei
added yesterday32 views

Joomla! Component Highslide 1.5 - Local File Inclusion

A directory traversal vulnerability in the Highslide JS comhsconfig component 1.5 and 2.0.9 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1314 info: name: Joomla! Component Highslide 1.5 - Local File Inclusion...

5CVSS6AI score0.15909EPSS
Exploits2References4
Nuclei
Nuclei
added yesterday30 views

IPConfigure Orchid Core VMS 2.0.5 - Local File Inclusion

IPConfigure Orchid Core VMS 2.0.5 is susceptible to local file inclusion. id: CVE-2018-10956 info: name: IPConfigure Orchid Core VMS 2.0.5 - Local File Inclusion author: 0xAkoko severity: high description: | IPConfigure Orchid Core VMS 2.0.5 is susceptible to local file inclusion. impact: | An...

7.5CVSS7.1AI score0.56318EPSS
Exploits6References5
Nuclei
Nuclei
added yesterday23 views

Joomla! Component Joomla! Flickr 1.0 - Local File Inclusion

A directory traversal vulnerability in joomlaflickr.php in the Joomla! Flickr comjoomlaflickr component 1.0.3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1980 info: name: Joomla! Component...

7.5CVSS6.1AI score0.18835EPSS
Exploits3References5
Nuclei
Nuclei
added yesterday53 views

Camtron CMNC-200 IP Camera - Directory Traversal

The CMNC-200 IP Camera has a built-in web server that is vulnerable to directory transversal attacks, allowing access to any file on the camera file system. id: CVE-2010-4231 info: name: Camtron CMNC-200 IP Camera - Directory Traversal author: daffainfo severity: high description: The CMNC-200 IP...

7.8CVSS7.3AI score0.09542EPSS
Exploits5References5
Nuclei
Nuclei
added yesterday33 views

Joomla! Component Property - Local File Inclusion

A directory traversal vulnerability in the Real Estate Property comproperties component 3.1.22-03 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1875 info: name: Joomla...

7.5CVSS6AI score0.15722EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday23 views

Joomla! Component Picasa2Gallery 1.2.8 - Local File Inclusion

A directory traversal vulnerability in the Picasa2Gallery compicasa2gallery component 1.2.8 and earlier for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-2507 info: name:...

6.8CVSS6AI score0.09432EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday37 views

Joomla! Component iNetLanka Contact Us Draw Root Map 1.1 - Local File Inclusion

A directory traversal vulnerability in the iNetLanka Contact Us Draw Root Map comdrawroot component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1723 info: name:...

6.8CVSS6AI score0.08408EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday19 views

Joomla! Component J!WHMCS Integrator 1.5.0 - Local File Inclusion

A directory traversal vulnerability in the J!WHMCS Integrator comjwhmcs component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1977 info: name: Joomla! Component J!WHMCS Integrator 1.5.0 - Local File...

7.5CVSS6AI score0.07402EPSS
Exploits2References3
Nuclei
Nuclei
added yesterday37 views

Joomla! Component Advertising 0.25 - Local File Inclusion

A directory traversal vulnerability in the Advertising comadvertising component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1473 info: name: Joomla! Component...

6.8CVSS6AI score0.08163EPSS
Exploits2References4
Nuclei
Nuclei
added yesterday25 views

Joomla! Component Online Market 2.x - Local File Inclusion

A directory traversal vulnerability in the Online Market commarket component 2.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1722 info: name: Joomla! Component Onlin...

6.8CVSS6AI score0.09471EPSS
Exploits2References4
Nuclei
Nuclei
added yesterday27 views

Joomla! Component Web TV 1.0 - Local File Inclusion

A directory traversal vulnerability in the Web TV comwebtv component 1.0 for Joomla! allows remote attackers to read arbitrary files and have possibly other unspecified impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1470 info: name: Joomla! Component Web TV 1.0 -...

7.5CVSS6AI score0.13351EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday29 views

Joomla! Component Arcade Games 1.0 - Local File Inclusion

A directory traversal vulnerability in the Arcade Games comarcadegames component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1714 info: name: Joomla! Component Arcade Games 1.0 - Local File Inclusion autho...

5CVSS6AI score0.18703EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday19 views

mojoPortal <=2.9.0.1 - Directory Traversal

mojoPortal =2.9.0.1 is vulnerable to Directory Traversal via BetterImageGallery API Controller - ImageHandler Action. An attacker can exploit this vulnerability to access the Web.Config file and obtain the MachineKey. id: CVE-2025-28367 info: name: mojoPortal =2.9.0.1 - Directory Traversal author...

6.5CVSS7.3AI score0.02128EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday102 views

PrestaShop TshirteCommerce - Directory Traversal

The Custom Product Designer tshirtecommerce module for PrestaShop allows HTTP requests to be forged using POST and GET parameters, enabling a remote attacker to perform directory traversal on the system and view the contents of code files. id: CVE-2023-27639 info: name: PrestaShop TshirteCommerce...

7.5CVSS7.2AI score0.03551EPSS
Exploits1References3
Rows per page
Query Builder