CVE-2021-30173

Local File Inclusion vulnerability of the omni-directional communication system allows remote authenticated attacker inject absolute path into Url parameter and access arbitrary file...

CVE-2021-30173

Local File Inclusion vulnerability of the omni-directional communication system allows remote authenticated attacker inject absolute path into Url parameter and access arbitrary file...

Remote file inclusion

Local File Inclusion vulnerability of the omni-directional communication system allows remote authenticated attacker inject absolute path into Url parameter and access arbitrary file...

CVE-2021-30173

CVE-2021-30173 involves a Local File Inclusion vulnerability in the omni-directional communication system (Jun-He/Junghee/Junghee-type Total Communication System). The issue arises when an authenticated attacker injects an absolute path into the Url parameter, enabling access to arbitrary files o...

VulnCheck KEV: CVE-2018-7422

A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajaxpath parameter to editor/extensions/pagebuilder/includes/ajaxshortcodepattern.php, aka absolute path traversal...

CVE-2020-2504

If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later...

CVE-2020-2504 Absolute path traversal vulnerability in QES

If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later...

DEBIAN-CVE-2020-29600

In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501...

ALPINE-CVE-2020-29600

In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501...

UBUNTU-CVE-2020-29600

In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501...

CVE-2020-15794

A vulnerability has been identified in Desigo Insight All versions. Some error messages in the web application show the absolute path to the requested resource. This could allow an authenticated attacker to retrieve additional information about the host system...

CVE-2020-15794

CVE-2020-15794 affects Siemens Desigo Insight (All versions). The web application may reveal absolute file system paths in error messages, enabling an authenticated attacker to retrieve additional information about the host system (information disclosure). Mitigations documented by vendors includ...

CVE-2020-15794

A vulnerability has been identified in Desigo Insight All versions. Some error messages in the web application show the absolute path to the requested resource. This could allow an authenticated attacker to retrieve additional information about the host system...

Exploit for Absolute Path Traversal in Rarlab Winrar

This is a PoC exploit for CVE-2018-20250. The exploit targets a vulnerability in the Microsoft Visual C++ compiler, specifically in the way it handles certain types of code. The vulnerability allows for arbitrary code execution. The exploit is likely to be used to demonstrate the vulnerability an...

QiHang Media Web Digital Signage 3.0.9 - Unauthenticated Arbitrary File Deletion

Exploit Title: QiHang Media Web Digital Signage 3.0.9 - Unauthenticated Arbitrary File Deletion Date: 2020-08-12 Exploit Author: LiquidWorm Vendor Homepage: http://www.howfor.com Tested on: Microsoft Windows Server 2012 R2 Datacenter CVE : N/A QiHang Media Web QH.aspx Digital Signage 3.0.9...

CVE-2020-11491

Monitoring::Logs in Zen Load Balancer 3.10.1 allows remote authenticated admins to conduct absolute path traversal attacks, as demonstrated by a filelog=/etc/shadow request to index.cgi...

CVE-2020-11491

Monitoring::Logs in Zen Load Balancer 3.10.1 allows remote authenticated admins to conduct absolute path traversal attacks, as demonstrated by a filelog=/etc/shadow request to index.cgi...

Path traversal

Monitoring::Logs in Zen Load Balancer 3.10.1 allows remote authenticated admins to conduct absolute path traversal attacks, as demonstrated by a filelog=/etc/shadow request to index.cgi...

CVE-2020-11491

CVE-2020-11491 affects Zen Load Balancer 3.10.1 — a vulnerability in Monitoring::Logs that allows remote authenticated admins to perform absolute path traversal (as shown by a filelog=/etc/shadow request to index.cgi). The issue is tied to the Monitoring::Logs component of Zen Load Balancer and e...

CVE-2020-11491

Monitoring::Logs in Zen Load Balancer 3.10.1 allows remote authenticated admins to conduct absolute path traversal attacks, as demonstrated by a filelog=/etc/shadow request to index.cgi...