2184 matches found
UBUNTU-CVE-2022-4244
A flaw was found in codeplex-codehaus. A directory traversal attack also known as path traversal aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash ../" sequences and their variations or by using absolute file paths, it may be possib...
CVE-2022-4244 Codehaus-plexus: directory traversal
A flaw was found in codeplex-codehaus. A directory traversal attack also known as path traversal aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash ../" sequences and their variations or by using absolute file paths, it may be possib...
Damon Enterprise Manager has a flawed logic vulnerability
Damon Enterprise Manager is a centralized management platform that monitors, manages and maintains DM databases through a web interface. A logic flaw vulnerability exists in Damon Enterprise Manager, which can be exploited by an attacker to delete arbitrary operating system files, resulting in...
JFinalCMS Directory Traversal Vulnerability
JFinalCMS is a java developed information consulting website. JFinalCMS suffers from a directory traversal vulnerability that can be exploited by an attacker to view arbitrary files on the system...
JFinalCMS 路径遍历漏洞
JFinalCMS is a java developed information consulting website. JFinalCMS suffers from a directory traversal vulnerability that can be exploited by an attacker to view arbitrary files on the system...
Path Traversal
Jeecg-boot is vulnerable to Arbitrary File Read. The vulnerability is due to the testConnection interface, which allows an attacker to read arbitrary files from the system...
A vulnerability exists in the MAGLINK LX Web Console, a web-based console for managing fuel tanks. This vulnerability stems from incorrect restrictions on the path to the restricted catalog. This allows attackers to gain access to files within the system.
The vulnerability of the MAGLINK LX Web Console, which manages fuel tanks, is related to an incorrect limitation on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to gain access to system files remotely...
Directory traversal
SAP BusinessObjects Suite Installer - version 420, 430, allows an attacker within the network to create a directory under temporary directory and link it to a directory with operating system files. On successful exploitation the attacker can delete all the operating system files causing a limited...
CVE-2023-40623 Arbitrary File Delete via Directory Junction in SAP BusinessObjects Suite(installer)
SAP BusinessObjects Suite Installer - version 420, 430, allows an attacker within the network to create a directory under temporary directory and link it to a directory with operating system files. On successful exploitation the attacker can delete all the operating system files causing a limited...
CVE-2023-40623 Arbitrary File Delete via Directory Junction in SAP BusinessObjects Suite(installer)
SAP BusinessObjects Suite Installer - version 420, 430, allows an attacker within the network to create a directory under temporary directory and link it to a directory with operating system files. On successful exploitation the attacker can delete all the operating system files causing a limited...
SAP BusinessObjects Suite Installer Security Vulnerability
SAP BusinessObjects Suite Installer is an application from SAP, Germany. A security vulnerability exists in SAP BusinessObjects Suite Installer versions 420 and 430 that originates from allowing an attacker to delete all operating system files...
CVE-2023-38256
Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 vulnerable to a path traversal attack, which could allow an attacker to access files stored on the system...
CVE-2023-32756
e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary system files, but can’t control system or disrupt service...
CVE-2023-32756
e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary system files, but can’t control system or disrupt service...
Path traversal
e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary system files, but can’t control system or disrupt service...
CVE-2023-32756 e-Excellence U-Office Force - Path Traversal
e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary system files, but can’t control system or disrupt service...
CVE-2023-32756 e-Excellence U-Office Force - Path Traversal
e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary system files, but can’t control system or disrupt service...
e-Excellence U-Office Force 路径遍历漏洞
e-Excellence U-Office Force is an e-Office platform from China First Class Technology e-Excellence. A path traversal vulnerability exists in e-Excellence U-Office Forc, which can be exploited by an attacker to read arbitrary system files...
CVE-2023-20234
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a specific CLI command ...
Design/Logic Flaw
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a specific CLI command ...