Security Bulletin: Open Source Sprockets Sprockets Vulnerability (CVE-2014-7819)

Question Security Bulletin: Open Source Sprockets Sprockets Vulnerability CVE-2014-7819 "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"All...

EUVD-2026-37818

BBOT: Arbitrary File Write in postmandownload Module...

AlquistManager Local File Inclusion

AlquistManager branch as of commit 280d99f43b11378212652e75f6f3159cde9c1d36 is affected by a directory traversal vulnerability in alquist/IO/input.py. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access. id...

MKdocs 1.2.2 - Directory Traversal

The MKdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain sensitive information. Note the vendor has disputed the vulnerability see references because the dev server must be used in an unsafe way namely public to have this...

Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal

A Directory Traversal vulnerability in the web conference component of Mitel MiCollab AWV before 8.1.2.4 and 9.x before 9.1.3 could allow an attacker to access arbitrary files from restricted directories of the server via a crafted URL, due to insufficient access validation. A successful exploit...

NexusDB <4.50.23 - Local File Inclusion

NexusQA NexusDB before 4.50.23 allows the reading of files via ../ directory traversal and local file inclusion. id: CVE-2020-24571 info: name: NexusDB 4.50.23 - Local File Inclusion author: pikpikcu severity: high description: NexusQA NexusDB before 4.50.23 allows the reading of files via ../...

Cartadis Gespage 8.2.1 - Directory Traversal

Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData. id: CVE-2021-33807 info: name: Cartadis Gespage 8.2.1 - Directory Traversal author: daffainfo severity: high description: Cartadis Gespage through 8.2.1 allows Directory Traversa...

WordPress DZS Zoomsounds <=6.50 - Local File Inclusion

WordPress Zoomsounds plugin 6.45 and earlier allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the dzsapdownload action using directory traversal in the link parameter. id: CVE-2021-39316 info: name: WordPress DZS Zoomsounds =6.51 to fix t...

Caucho Resin >=4.0.52 <=4.0.56 - Directory traversal

There is a Directory traversal vulnerability in Caucho Resin, as distributed in Resin 4.0.52 - 4.0.56, which allows remote attackers to read files in arbitrary directories via a ; in a pathname within an HTTP request. id: CVE-2021-44138 info: name: Caucho Resin =4.0.52 =4.0.56 - Directory travers...

Onkyo TX-NR585 Web Interface - Directory Traversal

Onkyo TX-NR585 1000-0000-000-0008-0000 devices allows remote unauthenticated users on the network to read sensitive files via %2e%2e%2f directory traversal and local file inclusion. id: CVE-2020-12447 info: name: Onkyo TX-NR585 Web Interface - Directory Traversal author: 0xAkoko severity: high...

Dolibarr ERP/CRM 3.2 Alpha - Multiple Directory Traversal Vulnerabilities

Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 Alpha allow remote attackers to read arbitrary files and possibly execute arbitrary code via a .. dot dot in the 1 file parameter to document.php or 2 backtopage parameter in a create action to comm/action/fiche.php. id:...

Spring Boot Actuator Logview Directory Traversal

spring-boot-actuator-logview before version 0.2.13 contains a directory traversal vulnerability in libraries that adds a simple logfile viewer as a spring boot actuator endpoint maven package "eu.hinsch:spring-boot-actuator-logview". id: CVE-2021-21234 info: name: Spring Boot Actuator Logview...

NCBI ToolBox - Directory Traversal

NCBI ToolBox 2.0.7 through 2.2.26 legacy versions contain a path traversal vulnerability via viewcgi.cgi which may result in reading of arbitrary files i.e., significant information disclosure or file deletion via the nph-viewgif.cgi query string. id: CVE-2018-16716 info: name: NCBI ToolBox -...

Camtron CMNC-200 IP Camera - Directory Traversal

The CMNC-200 IP Camera has a built-in web server that is vulnerable to directory transversal attacks, allowing access to any file on the camera file system. id: CVE-2010-4231 info: name: Camtron CMNC-200 IP Camera - Directory Traversal author: daffainfo severity: high description: The CMNC-200 IP...

Joomla! Component Preventive And Reservation 1.0.5 - Local File Inclusion

A directory traversal vulnerability in the Preventive & Reservation compreventive component 1.0.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1475 info: name: Joomla...

Joomla! Component Property - Local File Inclusion

A directory traversal vulnerability in the Real Estate Property comproperties component 3.1.22-03 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1875 info: name: Joomla...

Joomla! Component Arcade Games 1.0 - Local File Inclusion

A directory traversal vulnerability in the Arcade Games comarcadegames component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1714 info: name: Joomla! Component Arcade Games 1.0 - Local File Inclusion autho...

Joomla! Component Online Market 2.x - Local File Inclusion

A directory traversal vulnerability in the Online Market commarket component 2.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1722 info: name: Joomla! Component Onlin...

Joomla! Component iNetLanka Contact Us Draw Root Map 1.1 - Local File Inclusion

A directory traversal vulnerability in the iNetLanka Contact Us Draw Root Map comdrawroot component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1723 info: name:...

Joomla! Component J!WHMCS Integrator 1.5.0 - Local File Inclusion

A directory traversal vulnerability in the J!WHMCS Integrator comjwhmcs component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1977 info: name: Joomla! Component J!WHMCS Integrator 1.5.0 - Local File...