2058 matches found
CVE-2024-1703 ZhongBangKeJi CRMEB openfile absolute path traversal
A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been classified as problematic. This affects the function openfile of the file /adminapi/system/file/openfile. The manipulation leads to absolute path traversal. The exploit has been disclosed to the public and may be used. The...
CVE-2023-50955
IBM InfoSphere Information Server 11.7 could allow an authenticated privileged user to obtain the absolute path of the web server installation which could aid in further attacks against the system. IBM X-Force ID: 275777...
PT-2024-18236 · Zhongbangkeji · Crmeb
Name of the Vulnerable Software and Affected Versions: ZhongBangKeJi CRMEB version 5.2.2 Description: A problematic issue has been found in the software, affecting the openfile function of the file "/adminapi/system/file/openfile". This issue leads to absolute path traversal. The exploit has been...
Security Bulletin: IBM InfoSphere Information Server is affected by an information disclosure vulnerability (CVE-2023-50955)
Summary: An information disclosure vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details: CVEID: CVE-2023-50955 DESCRIPTION: IBM InfoSphere Information Server could allow an authenticated privileged user to obtain the absolute path of the web server installation whi...
CVE-2024-25125 Absolute path traversal vulnerability in digdag server
Digdag is an open source tool to build, run, schedule, and monitor complex pipelines of tasks across various platforms. Treasure Data's digdag workload automation system is susceptible to a path traversal vulnerability if it's configured to store log files locally. This issue may lead to...
Amazon Linux 2023 : ansible-core, ansible-test (ALAS2023-2024-505)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-505 advisory. The upstream report describes this issue as follows: When installing a maliciously created Ansible role using 'ansible-galaxy role install', arbitrary files the user has access to can be...
CVE-2023-6919
Path Traversal: '/../filedir' vulnerability in Biges Safe Life Technologies Electronics Inc. VGuard allows Absolute Path Traversal. This issue affects VGuard: before V500.0003.R008.4011.C0012.B351.C...
Path traversal
Path Traversal: '/../filedir' vulnerability in Biges Safe Life Technologies Electronics Inc. VGuard allows Absolute Path Traversal. This issue affects VGuard: before V500.0003.R008.4011.C0012.B351.C...
CVE-2023-6919 Path Traversal in VGuard IP Camera Network Recorder
Path Traversal: '/../filedir' vulnerability in Biges Safe Life Technologies Electronics Inc. VGuard allows Absolute Path Traversal. This issue affects VGuard: before V500.0003.R008.4011.C0012.B351.C...
CVE-2023-6919
CVE-2023-6919 describes a Path Traversal vulnerability in Biges Safe Life Technologies Electronics Inc. VGuard prior to version V500.0003.R008.4011.C0012.B351.C. The flaw allows an absolute path traversal via the "/../filedir" payload, potentially enabling access to files outside the web root. A...
PT-2024-15122 · Biges Safe Life Technologies Electronics Inc · Vguard
Name of the Vulnerable Software and Affected Versions: Biges Safe Life Technologies Electronics Inc. VGuard versions prior to V500.0003.R008.4011.C0012.B351.C Description: The issue is related to a Path Traversal vulnerability, specifically an Absolute Path Traversal, which can be exploited using...
GHSA-RGRF-6MF5-M882 cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration code
Impact What kind of vulnerability is it? Who is impacted? An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0 at and since 0.5.0, before 0.15.0. The vulnerability stems from a Python function,...
cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration code
Impact What kind of vulnerability is it? Who is impacted? An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0 at and since 0.5.0, before 0.15.0. The vulnerability stems from a Python function,...
Ansible symlink attack vulnerability
An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path...
GHSA-JPVW-P8PR-9G2X Ansible symlink attack vulnerability
An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path...
CVE-2023-6190
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in İzmir Katip Çelebi University University Information Management System allows Absolute Path Traversal. This issue affects University Information Management System: before 30.11.2023...
Input validation
Improper Input Validation vulnerability in Izmir Katip Çelebi University University Information Management System allows Absolute Path Traversal. This issue affects University Information Management System: before 30.11.2023...