Lucene search
K

8 matches found

NVD
NVD
added 2026/05/12 10:16 p.m.23 views

CVE-2026-44307

Mako is a template library written in Python. Prior to 1.3.12, on Windows, a URI using backslash traversal e.g. ....\ secret.txt bypasses the directory traversal check in Template.init and the posixpath-based normalization in TemplateLookup.gettemplate, allowing reads of files outside the...

8.7CVSS0.00609EPSS
Exploits1References4
NVD
NVD
added 2024/10/10 10:15 p.m.44 views

CVE-2024-47164

Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to the bypass of directory traversal checks within the isinorequal function. This function, intended to check if a file resides within a given directory, can be bypassed with certain payloads that...

6.5CVSS0.00687EPSS
Exploits0References1
NVD
NVD
added 2021/11/02 10:15 p.m.19 views

CVE-2021-43264

In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, adjusting the path component for the page help file allows attackers to bypass the intended access control for HTML files via directory traversal. It replaces the - character with the / character...

3.3CVSS0.00542EPSS
Exploits1References2
OSV
OSV
added 2020/09/30 6:15 p.m.3 views

CVE-2020-21526

An Arbitrary file writing vulnerability in halo v1.1.3. In an interface to write files in the background, a directory traversal check is performed on the input path parameter, but the startsWith function can be used to bypass it...

9.8CVSS7.3AI score0.0189EPSS
Exploits1References1
OSV
OSV
added 2020/09/30 6:15 p.m.5 views

CVE-2020-21525

Halo V1.1.3 is affected by: Arbitrary File reading. In an interface that reads files in halo v1.1.3, a directory traversal check is performed on the input path parameter, but the startsWith function can be used to bypass it...

7.5CVSS7.1AI score0.01917EPSS
Exploits1References1
CNVD
CNVD
added 2020/06/05 12:0 a.m.4 views

ZOHO ManageEngine OpManager Path Traversal Vulnerability

ZOHO ManageEngine OpManager is a set of network, server and virtualization monitoring software from ZOHO. A security vulnerability exists in ZOHO ManageEngine OpManager versions prior to 125144. An attacker could use this vulnerability to bypass directory traversal validation...

7.5CVSS6.8AI score0.37033EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/01/23 6:49 a.m.25 views

CVE-2017-5539

The patch for directory traversal CVE-2017-5480 in b2evolution version 6.8.4-stable has a bypass vulnerability. An attacker can use ../ to bypass the filter rule. Then, this attacker can exploit this vulnerability to delete or read any files on the server. It can also be used to determine whether...

8AI score0.04175EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2016/03/21 12:0 a.m.31 views

XOOPS 2.5.7.2 - Directory Traversal Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/XOOPS-DIRECTORY-TRAVERSAL.txt Vendor: ============= xoops.org Product: ================ Xoops 2.5.7.2 Vulnerability Type: =========================== Directory Traversal...

7.4AI score
Exploits0
Rows per page
Query Builder