2184 matches found
CVE-2023-41344
NCSIST ManageEngine Mobile Device ManagerMDM APP's special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files...
CVE-2023-41356
NCSIST ManageEngine Mobile Device ManagerMDM APP's special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files...
Path traversal
NCSIST ManageEngine Mobile Device ManagerMDM APP's special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files...
Path traversal
NCSIST ManageEngine Mobile Device ManagerMDM APP's special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files...
CVE-2023-41356 WisdomGarden Tronclass ilearn - Path Traversal
NCSIST ManageEngine Mobile Device ManagerMDM APP's special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files...
CVE-2023-41356 WisdomGarden Tronclass ilearn - Path Traversal
NCSIST ManageEngine Mobile Device ManagerMDM APP's special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files...
CVE-2023-41356
CVE-2023-41356 concerns the ManageEngine Mobile Device Manager (MDM) APP and describes a path traversal vulnerability in a special function. An unauthenticated remote attacker can bypass authentication and read arbitrary system files. The NVD entry lists a CVSSv3.1 base score of 6.5 (Medium) with...
CVE-2023-41344 NCSIST ManageEngine MDM - Path Traversal
NCSIST ManageEngine Mobile Device ManagerMDM APP's special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files...
RUSTSEC-2023-0069 sudo-rs: Path Traversal vulnerability
Impact An issue was discovered where usernames containing the . and / characters could result in the corruption of specific files on the filesystem. As usernames are generally not limited by the characters they can contain, a username appearing to be a relative path can be constructed. For exampl...
Wipotec ComScale Information Disclosure Vulnerability
Wipotec ComScale is an application from Wipotec. It can display collected data on a connected PC or tablet device. A security vulnerability exists in Wipotec ComScale version v4.3.29.21344, v4.4.12.723, which stems from an inability to authenticate a user session. An attacker could use this...
CVE-2023-30804
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authenticated file disclosure vulnerability. A remote and authenticated attacker can read arbitrary system files using the svpnhtml/loadfile.php endpoint. This issue is exploitable by a remote and unauthenticated...
CVE-2023-43627
Path traversal vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent authenticated attacker to alter critical information such as system files by sending a specially crafted request. They are affected when running in...
CVE-2023-43627
Path traversal vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent authenticated attacker to alter critical information such as system files by sending a specially crafted request. They are affected when running in...
CVE-2023-43627
Path traversal vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent authenticated attacker to alter critical information such as system files by sending a specially crafted request. They are affected when running in...
Furuno ACERA 1320 Path Traversal Vulnerability
The Furuno ACERA 1320 is a wireless router from Furuno Japan. The ACERA 1320 and 1310 are vulnerable to a path traversal vulnerability that stems from the presence of a path traversal vulnerability. An attacker could exploit this vulnerability by sending specially crafted requests to change...
FD Application Code Issue Vulnerability
FD Application is an application software from FD. A code issue vulnerability exists in FD Application Apr. 2022 Edition 9.01 and prior versions that stems from improperly restricting XML External Entity References XXE, which could allow an attacker to read arbitrary files on the system by...
CVE-2023-42819 Path traversal in Jumpserver
JumpServer is an open source bastion host. Logged-in users can access and modify the contents of any file on the system. A user can use the 'Job-Template' menu and create a playbook named 'test'. Get the playbook id from the detail page, like 'e0adabef-c38f-492d-bd92-832bacc3df5f'. An attacker ca...
CVE-2022-4244
A flaw was found in codeplex-codehaus. A directory traversal attack also known as path traversal aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash ../" sequences and their variations or by using absolute file paths, it may be possib...
CVE-2022-4244
A flaw was found in codeplex-codehaus. A directory traversal attack also known as path traversal aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash ../" sequences and their variations or by using absolute file paths, it may be possib...
Path traversal
A flaw was found in codeplex-codehaus. A directory traversal attack also known as path traversal aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash ../" sequences and their variations or by using absolute file paths, it may be possib...