406 matches found
The vulnerability of Kaspersky Endpoint Security’s antivirus protection for Windows involves errors during path restriction for restricted access directories. This allows a malicious user to trigger a service failure when loading the operating system.
The vulnerability of Kaspersky Endpoint Security for Windows relates to errors during path limitation for restricted access directories. Exploiting this vulnerability can allow a malicious actor to cause a service failure when the operating system is loaded...
The vulnerability of the function in bl_categires_help.php, a parental control function for Internet CTparental, allows an intruder to inject any code they desire.
The vulnerability of the CTparental parental control function in bl_categires_help.php exists due to an incorrect restriction on the path to the restricted catalog. Exploiting this vulnerability could allow a hacker to inject arbitrary code...
The vulnerability of the bl_categories_help.php file, a parental control file for Internet CTparental, allows a violator to execute any command or run any code.
The vulnerability of the bl_categories_help.php file, a parental control file for Internet CTparental, exists due to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious user to execute arbitrary code or perform arbitrary...
The vulnerability of the server-based corporate software for project monitoring and management, RoboHelp Server, arises due to an incorrect path limitation to the restricted access catalog. This allows attackers to read arbitrary files.
The vulnerability of server-based corporate software for project monitoring and management with RoboHelp Server exists due to an incorrect limitation on the path to the restricted access catalog. Exploiting this vulnerability allows a malicious actor to read arbitrary files using a specially...
Nagios XI Input Validation Error Vulnerability
Nagios XI is a commercial monitoring solution built on Nagios Core, including dashboards, web-based configuration, advanced reporting, and rich data visualization. A local file inclusion vulnerability exists in versions of Nagios XI prior to 5.8.5. The vulnerability stems from an improper...
Vulnerability of the /hcms/admin/index.php/language/ajax component of the Hongcms content management system. The Hongcms project has vulnerabilities related to name restrictions for directory paths, allowing attackers to view, edit, and delete any files they desire.
The vulnerability of the /hcms/admin/index.php/language/ajax component of the Hongcms content management system is related to a flaw in the path name restriction. Exploiting this vulnerability allows an attacker to remotely access, view, edit, and delete any files using a specially created POST...
The vulnerability of the Job::onEntry function in the jobs.cpp file of the Ark archive viewer is related to deficiencies in the pathname restriction mechanism for the directory. This vulnerability allows an attacker to compromise the integrity of the protected information.
The vulnerability in the Job::onEntry function in the jobs.cpp file of the Ark archive viewer is related to an incorrect restriction on the path name to the directory. Exploiting this vulnerability could allow a remote attacker to compromise the integrity of the protected information...
The vulnerability of the AutoBuild service on the AVEVA System Platform allows a malicious actor to execute arbitrary code with system privileges.
The vulnerability of the AutoBuild service on the AVEVA System Platform is related to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary commands with system privileges...
The vulnerability of the UNIX command-line utility set, BusyBox, arises from an improper limitation on the path name of the directory. This allows an attacker to compromise data integrity.
The vulnerability of the UNIX command-line utility BusyBox relates to improper restrictions on the path name of the directory. Exploiting this vulnerability allows a remote attacker to compromise data integrity through symbolic links...
The vulnerability of the Icinga Web2 PHP framework allows a hacker to gain access to arbitrary files.
The vulnerability of the PHP framework Icinga Web2 exists due to an incorrect limitation on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to arbitrary files that can be read by the Icinga Web2 process...
PT-2021-3432 · Adobe · Magento
Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.2 and earlier; Magento versions 2.4.1-p1 and earlier; Magento versions 2.3.6-p1 and earlier. Description: The issue is related to incorrect restriction of the path name to a directory with limited access. Exploitation of thi...
puppyCMS Security Vulnerability
puppyCMS is a very simple, flat file CMS. An arbitrary file deletion vulnerability exists in puppyCMS version 5.1. The vulnerability stems from the absence of any path restriction. A remote attacker can exploit this vulnerability to delete files/folders via /admin/functions.php...
The vulnerability of SonicWall Email Security’s email security software lies in the improper restriction of the path to the restricted directory. This allows attackers to gain unauthorized access to the protected information.
The vulnerability of SonicWall Email Security’s email security software relates to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
PT-2021-2764
Name of the Vulnerable Software and Affected Versions: SonicWall Email Security version 10.0.9.x. Description: The issue is related to incorrect restriction of a directory path with limited access. This allows a remote attacker to gain unauthorized access to protected information. Specifically, it...
PT-2021-4594 · Django +4
Name of the Vulnerable Software and Affected Versions: Django versions 2.2 before 2.2.20; Django versions 3.0 before 3.0.14; Django versions 3.1 before 3.1.8. Description: The issue is related to the MultiPartParser component in Django, which has a directory path restriction flaw. This flaw can be...
The vulnerability in a function in the common/InputStreamHelper.java file of the MPXJ library allows a hacker to write files to arbitrary locations.
The vulnerability in the common/InputStreamHelper.java file of the MPXJ library exists due to an incorrect restriction on the path to the restricted directory. Exploiting this vulnerability could allow a malicious actor to write files to arbitrary locations...
Cisco Data Center Network Manager Path Traversal Vulnerability (CNVD-2021-09308)
Cisco Data Center Network Manager (DCNM) is a data center network management suite from Cisco that provides multiprotocol management of the network and troubleshooting of switch operating conditions and performance. A path traversal vulnerability exists in one of the REST API endpoints in Cisco Da...
The vulnerability of the NGINX Controller Agent monitoring and management platform, related to deficiencies in path name restriction, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the NGINX Controller Agent monitoring and management platform is related to deficiencies in path name restriction for the directory. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected...
CVE-2018-19945
A vulnerability has been reported to affect earlier QNAP devices running QTS 4.3.4 to 4.3.6. Caused by improper limitations of a pathname to a restricted directory, this vulnerability allows for renaming arbitrary files on the target system, if exploited. QNAP have already fixed this vulnerabilit...
The vulnerability of the Adobe Reader text viewer, related to errors in restricting the path to the restricted catalog, allows a perpetrator to gain access to protected information within the context of the current user.
The vulnerability of the Adobe Reader text viewer is related to errors that occur when restricting access to the path to the restricted catalog. Exploiting this vulnerability can allow a malicious actor to gain access to protected information in the context of the current user...