Directory Traversal

jetty is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of sanitization of values in the file path, allowing %2e%2e%5c to be interpreted as ../, hence serving the requested files and causing directory traversal attacks...

Directory Traversal

struts2-core is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of sanitization in file path, allowing ..%252f to be used in the file path to perform directory traversal attacks...

CVE-2018-19789: Temporary uploaded file path disclosure

More info at https://symfony.com/cve-2018-19789...

CVE-2018-16849

An information-disclosure flaw was discovered in openstack-mistral, where the SSH private key filename of a std.ssh action could be manipulated. The flaw could be exploited to determine the presence of a file path on the host executing the std.ssh action, based on the returned error message...

Synology DiskStation Manager Information Disclosure Vulnerability

Synology DiskStation Manager DSM is an operating system for use on Network Storage Servers NAS from Synology. The operating system manages information such as data, files, photos, music, and more. An information disclosure vulnerability exists in SYNO.Core.ACL in Synology DSM versions prior to...

CVE-2018-13281

Information exposure vulnerability in SYNO.Core.ACL in Synology DiskStation Manager DSM before 6.2-23739-2 allows remote authenticated users to determine the existence and obtain the metadata of arbitrary files via the filepath parameter...

CVE-2018-13281

Information exposure vulnerability in SYNO.Core.ACL in Synology DiskStation Manager DSM before 6.2-23739-2 allows remote authenticated users to determine the existence and obtain the metadata of arbitrary files via the filepath parameter...

PT-2018-11724 · Synology · Synology Diskstation Manager

Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 6.2-23739-2 Description: The issue allows remote authenticated users to determine the existence and obtain the metadata of arbitrary files via the file path parameter. This is related to an...

Remote Code Execution (RCE)

salt is vulnerable to remote code execution RCE attacks. The vulnerability exists due to the improper processing of spaces in the file path which may allow RCE attacks...

CVE-2018-14820

Advantech WebAccess 8.3.1 and earlier has a .dll component that is susceptible to external control of file name or path vulnerability, which may allow an arbitrary file deletion when processing...

CVE-2018-10824

An issue was discovered on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices. The administrative password is stored in plaintext in the /tmp/csman/0...

D-Link Router Password Plaintext Storage Vulnerability

The DWR-116, DIR-140, and DIR-640 are all D-Link router products. A password plaintext storage vulnerability exists in several series of D-Link routers, which stems from the administrative password being stored in plaintext in the /tmp/XXX /0 file. An attacker with directory traversal or LFI can...

Arbitrary File Write

zziplib is vulnerable to arbitrary file writes. The library does not properly sanitize file paths, allowing a malicious user to overwrite arbitrary files on the system by passing a zip file with .. in it...

CVE-2018-1150

NUUO's NVRMini2 3.8.0 and below contains a backdoor that would allow an unauthenticated remote attacker to take over user accounts if the file /tmp/moses exists...

Directory Traversal

camel-mail is vulnerable to a directory traversal attack. The library does not properly sanitize the file path, allowing a malicious user to gain access to the files on the system...

Cagintranet GetSimple CMS Cross-Site Request Forgery Vulnerability

Cagintranet GetSimple CMS is an XML-based content management system CMS from Cagintranet Networks, USA. The system includes a theme selector and editor, component editor, image and file managers, and more. A cross-site request forgery vulnerability exists in Cagintranet GetSimple CMS version...

Mozilla: Proxy bypass using automount and autofs

Firefox proxy settings can be bypassed by using the automount feature with autofs to create a mount point on the local file system. Content can be loaded from this mounted file system directly using a file: URI, bypassing configured proxy settings. This issue only affects OS X in default...

Directory Traversal

webtales/rubedo is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of sanitization of the file path in the theme component, allowing directory traversal attacks...

UBUNTU-CVE-2018-16831

Smarty before 3.1.33-dev-4 allows attackers to bypass the trusteddir protection mechanism via a file:./../ substring in an include statement...

CVE-2018-10904

It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats" translator. Attacker can use this flaw to create files and execute arbitrary code. To exploit this attacker would require sufficient...