CVE-2019-25256

VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers to access arbitrary system files through unvalidated 'ID' parameters. Attackers can exploit multiple Perl scripts like downloadsys.pl to read sensitive files by manipulati...

EUVD-2020-20486

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2014-8959

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory traversal vulnerability in libraries/gis/GISFactory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x...

CVE-2022-45783

An issue was discovered in dotCMS core 4.x through 22.10.2. An authenticated directory traversal vulnerability in the dotCMS API can lead to Remote Code Execution...

CVE-2020-27994

SolarWinds Serv-U before 15.2.2 allows Authenticated Directory Traversal...

📄 ABB Cylon FLXeon 9.3.5 siteGuide.js Authenticated Directory Traversal

The ABB Cylon FLXeon BACnet controller is vulnerable to authenticated file traversal via the /api/siteGuide endpoint. An attacker with valid credentials can manipulate the filename parameter to move and access or overwrite arbitrary files. The issue arises due to improper input validation in...

CVE-2024-7602

Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specif...

PT-2024-2178 · Cisco · Cisco Appdynamics Controller

Name of the Vulnerable Software and Affected Versions: Cisco AppDynamics Controller affected versions not specified Description: A vulnerability in the file upload functionality could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. This issue ...

CVE-2021-34638

Authenticated Directory Traversal in WordPress Download Manager = 3.1.24 allows authenticated Contributor+ users to obtain sensitive configuration file information, as well as allowing Author+ users to perform XSS attacks, by setting Download template to a file containing configuration informatio...

WordPress Download Manager < 3.1.25 - Authenticated Directory Traversal

Authenticated Directory Traversal in WordPress Download Manager Add New. Name the post, and intercept the request when you Submit for Review no file needs to be uploaded. In the filepagetemplate parameter, swap out page-template-1col-flat.php for “\\../../../../../wp-config.php” Then preview the...

WordPress WordPress Download Manager plugin <= 3.1.24 - Authenticated Directory Traversal vulnerability

Authenticated Directory Traversal vulnerability discovered by Ramuel Gall WordFence in WordPress WordPress Download Manager plugin versions = 3.1.24. Solution Update the WordPress WordPress Download Manager plugin to the latest available version at least 3.1.25...

CVE-2020-27994

SolarWinds Serv-U before 15.2.2 allows Authenticated Directory Traversal...

Navigate CMS 2.8.7 - Authenticated Directory Traversal

Exploit Title: Navigate CMS 2.8.7 - Authenticated Directory Traversal Date: 2020-06-04 Exploit Author: Gus Ralph Vendor Homepage: https://www.navigatecms.com/en/home Software Link: https://sourceforge.net/projects/navigatecms/files/releases/navigate-2.8.7r1401.zip/download Version: 2.8.7 Tested o...

Navigate CMS 2.8.7 Directory Traversal

Exploit Title: Navigate CMS 2.8.7 - Authenticated Directory Traversal Date: 2020-06-04 Exploit Author: Gus Ralph Vendor Homepage: https://www.navigatecms.com/en/home Software Link: https://sourceforge.net/projects/navigatecms/files/releases/navigate-2.8.7r1401.zip/download Version: 2.8.7 Tested o...

PHPKB Multi-Language 9 Authenticated Directory Traversal

Exploit Title: PHPKB Multi-Language 9 - Authenticated Directory Traversal Google Dork: N/A Date: 2020-03-15 Exploit Author: Antonio Cannito Vendor Homepage: https://www.knowledgebase-script.com/ Software Link: https://www.knowledgebase-script.com/pricing.php Version: Multi-Language v9 Tested on:...

Directory traversal

Silverpeas 5.15 through 6.0.2 is affected by an authenticated Directory Traversal vulnerability that can be triggered during file uploads because core/webapi/upload/FileUploadData.java mishandles a StringUtil.java call. This vulnerability enables regular users to write arbitrary files on the...

VideoFlow Digital Video Protection DVP 10 Authenticated Directory Traversal

Summary VideoFlow's Digital Video Protection DVP product is used by leading companies worldwide to boost the reliability of IP networks, including the public Internet, for professional live broadcast. DVP enables broadcast companies to confidently contribute and distribute live video over IP with...

VulnCheck KEV: CVE-2017-16929

The remote management interface on the Claymore Dual GPU miner 10.1 is vulnerable to an authenticated directory traversal vulnerability exploited by issuing a specially crafted request, allowing a remote attacker to read/write arbitrary files. This can be exploited via ../ sequences in the...