CVE-2024-33858

An issue was discovered in Logpoint before 7.4.0. A path injection vulnerability is seen while adding a CSV enrichment source. The sourcename parameter could be changed to an absolute path; this will write the CSV file to that path inside the /tmp directory...

CVE-2024-33858

An issue was discovered in Logpoint before 7.4.0. A path injection vulnerability is seen while adding a CSV enrichment source. The sourcename parameter could be changed to an absolute path; this will write the CSV file to that path inside the /tmp directory...

Logpoint 安全漏洞

Logpoint is a network security application from the Danish company Logpoint. A security vulnerability exists in Logpoint versions prior to 7.4.0, which stems from the fact that the sourcename parameter can be changed to an absolute path, which will write a CSV file to the tmp directory...

CVE-2024-33858

An issue was discovered in Logpoint before 7.4.0. A path injection vulnerability is seen while adding a CSV enrichment source. The sourcename parameter could be changed to an absolute path; this will write the CSV file to that path inside the /tmp directory...

Zebra FX9500 RFID Reader Path Traversal (CVE-2020-10875)

Motorola FX9500 devices allow remote attackers to conduct absolute path traversal attacks, as demonstrated by PL/SQL Server Pages files such as /include/viewtagdb.psp. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

CVE-2023-41830

An improper absolute path traversal vulnerability was reported for the Ready For application allowing a local application access to files without authorization...

Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC Absolute Path Traversal (CVE-2023-5390)

An attacker could potentially exploit this vulnerability, leading to files being read from the Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC. This exploit could be used to read files from the controller that may expose limited information from the device. Honeywell recommends...

CVE-2024-27575

INOTEC Sicherheitstechnik WebServer CPS220/64 3.3.19 allows a remote attacker to read arbitrary files via absolute path traversal, such as with the /cgi-bin/display?file=/etc/passwd URI...

CVE-2024-27575

INOTEC Sicherheitstechnik WebServer CPS220/64 3.3.19 allows a remote attacker to read arbitrary files via absolute path traversal, such as with the /cgi-bin/display?file=/etc/passwd URI...

CVE-2024-27575

INOTEC Sicherheitstechnik WebServer CPS220/64 3.3.19 allows a remote attacker to read arbitrary files via absolute path traversal, such as with the /cgi-bin/display?file=/etc/passwd URI...

PT-2024-21957 · Inotec Sicherheitstechnik · Inotec Sicherheitstechnik Webserver Cps220/64

Name of the Vulnerable Software and Affected Versions: INOTEC Sicherheitstechnik WebServer CPS220/64 version 3.3.19 Description: The issue allows a remote attacker to read arbitrary files via absolute path traversal. For example, using the "/cgi-bin/display?file=/etc/passwd" URI, an attacker can...

BIT-MLFLOW-2023-1176 Absolute Path Traversal in mlflow/mlflow

Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2...

BIT-MLFLOW-2023-3765 Absolute Path Traversal in mlflow/mlflow

Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0...

BIT-GOLANG-2023-39323 Arbitrary code execution during build via line directives in cmd/go

Line directives "//line" can be used to bypass the restrictions on "//go:cgo" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running "go build". The line directive requires the absolute path of...

CVE-2024-1703

A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been classified as problematic. This affects the function openfile of the file /adminapi/system/file/openfile. The manipulation leads to absolute path traversal. The exploit has been disclosed to the public and may be used. The...

CVE-2024-1703

A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been classified as problematic. This affects the function openfile of the file /adminapi/system/file/openfile. The manipulation leads to absolute path traversal. The exploit has been disclosed to the public and may be used. The...

Path traversal

A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been classified as problematic. This affects the function openfile of the file /adminapi/system/file/openfile. The manipulation leads to absolute path traversal. The exploit has been disclosed to the public and may be used. The...

CVE-2024-1703 ZhongBangKeJi CRMEB openfile absolute path traversal

A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been classified as problematic. This affects the function openfile of the file /adminapi/system/file/openfile. The manipulation leads to absolute path traversal. The exploit has been disclosed to the public and may be used. The...

CVE-2024-1703 ZhongBangKeJi CRMEB openfile absolute path traversal

A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been classified as problematic. This affects the function openfile of the file /adminapi/system/file/openfile. The manipulation leads to absolute path traversal. The exploit has been disclosed to the public and may be used. The...

CVE-2024-1703

CVE-2024-1703 affects ZhongBangKeJi CRMEB version 5.2.2, specifically the openfile function in /adminapi/system/file/openfile. The vulnerability is an absolute path traversal in that endpoint, enabling an attacker to access files outside the intended directory. The vulnerability has been disclose...