CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

CVE•added 2025/12/18 7:53 p.m.•8 views

CVE-2023-53944

EasyPHP Webserver 14.1 is affected by a path traversal vulnerability (CVE-2023-53944) that allows remote low-privilege users to read files outside the document root by bypassing SecurityManager. The documented payload involves crafted GET requests with encoded directory traversal sequences such a...

7.1CVSS6.5AI score0.00183EPSS

Exploits1References3Affected Software1

RedhatCVE•added 2025/11/21 12:31 p.m.•4 views

CVE-2025-40605

A Path Traversal vulnerability has been identified in the Email Security appliance allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences such as ../ and may access files and directories outside the intended restricted path...

5.3CVSS6.9AI score0.00044EPSS

Exploits0References1

Positive Technologies•added 2025/11/19 12:0 a.m.•2 views

PT-2025-47568

Name of the Vulnerable Software and Affected Versions Email Security appliance affected versions not specified Description A Path Traversal issue exists in the Email Security appliance. This allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences, suc...

5.3CVSS6.9AI score0.00044EPSS

Exploits0References8

CVE•added 2024/06/06 6:8 p.m.•58 views

CVE-2024-2362

The CVE-2024-2362 entry concerns parisneo/lollms-webui versiÃ³n 9.3 on Windows, with a path traversal vulnerability in the del_preset endpoint due to inadequate input sanitization. The issue permits an attacker to delete files outside the intended directory by supplying absolute or traversal path...

9.1CVSS9.2AI score0.01907EPSS

Exploits1References1Affected Software1

CNVD•added 2021/04/28 12:0 a.m.•28 views

Buffalo WSR-2533DHPL2 and WSR-2533DHP3 are vulnerable to path traversal

The Buffalo WSR-2533DHPL2 and WSR-2533DHP3 are routers from Buffalo Japan.The Buffalo WSR-2533DHPL2 and WSR-2533DHP3 suffer from a path traversal vulnerability, which stems from an input validation error when the web interface handles directory traversal sequences, and can be exploited by attacke...

9.8CVSS3.5AI score0.94401EPSS

Exploits5References1

NVD•added 2020/02/23 2:15 a.m.•9 views

CVE-2020-9353

An issue was discovered in SmartClient 12.0. The Remote Procedure Call RPC loadFile provided by the console functionality on the /tools/developerConsoleOperations.jsp or /isomorphic/IDACall URL is affected by unauthenticated Local File Inclusion via directory-traversal sequences in the elem XML...

7.5CVSS7.8AI score0.00822EPSS

Exploits1References2

Prion•added 2019/11/22 2:15 a.m.•8 views

Directory traversal

nsGreen.dll in Naver Vaccine 2.1.4 allows remote attackers to overwrite arbitary files via directory traversal sequences in a filename within nsz archive...

6.4CVSS7.5AI score0.00429EPSS

Exploits0References1Affected Software1

0day.today•added 2013/11/01 12:0 a.m.•29 views

ImpressPages CMS 3.6 Multiple Vulnerabilities

ImpressPages CMS version 3.6 suffers from a remote arbitrary file deletion , multiple SQL injection vulnerabilities that can be leveraged to commit cross site scripting attacks. ImpressPages CMS v3.6 Remote Arbitrary File Deletion Vulnerability Vendor: ImpressPages UAB Product web page:...

7.9AI score

Exploits0

Debian CVE•added 2011/08/01 7:0 p.m.•23 views

CVE-2011-2643

Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before 3.4.3.2, when configuration storage is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a MIME-type transformation parameter...

6.8CVSS6.7AI score0.00383EPSS

Exploits0

Prion•added 2011/02/21 6:0 p.m.•13 views

Directory traversal

Directory traversal vulnerability in the GetData method in the Dell DellSystemLite.Scanner ActiveX control in DellSystemLite.ocx 1.0.0.0 allows remote attackers to read arbitrary files via directory traversal sequences in the fileID parameter...

5CVSS7.2AI score0.00255EPSS

Exploits0References4Affected Software1

htbridge•added 2011/01/20 12:0 a.m.•20 views

Multiple Vulnerabilities in ReOS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in ReOS which could be exploited to perform SQL injection attacks and compromise vulnerable system. 1 SQL injection vulnerabilities in ReOS 1.1 The vulnerability exists due to input sanitation errors in the...

7.6CVSS8.7AI score

Exploits0Affected Software1

Prion•added 2010/05/20 5:30 p.m.•12 views

Directory traversal

Directory traversal vulnerability in scr/soustab.php in OpenMairie Opencatalogue 1.024, when registerglobals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the dsnphptype parameter, a related issue to CVE-2007-2069...

6.8CVSS7.1AI score0.05128EPSS

Exploits2References5Affected Software1

Prion•added 2010/05/12 4:7 p.m.•13 views

Directory traversal

Directory traversal vulnerability in scr/soustab.php in openMairie openPlanning 1.00, when registerglobals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the dsnphptype parameter, a related issue to CVE-2007-2069...

6.8CVSS7.1AI score0.05128EPSS

Exploits2References5Affected Software1

Prion•added 2010/04/06 3:30 p.m.•11 views

Directory traversal

Directory traversal vulnerability in index.php in justVisual CMS 2.0, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files directory traversal sequences in the p parameter. NOTE: some of these details are obtained from third party information...

6.8CVSS7.7AI score0.0384EPSS

Exploits1References6Affected Software1

NVD•added 2010/03/23 1:0 a.m.•7 views

CVE-2010-1043

Directory traversal vulnerability in index.php in jaxCMS 1.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter...

7.5CVSS7.2AI score0.02264EPSS

Exploits1References3

Prion•added 2010/03/16 7:0 p.m.•17 views

Directory traversal

Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, when magicquotesgpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the style parameter to 1 colorvoid/footer.php, 2 default-green/footer.php, 3...

5.1CVSS7.9AI score0.06307EPSS

Exploits1References8Affected Software1

Prion•added 2010/01/18 8:30 p.m.•9 views

Directory traversal

Directory traversal vulnerability in menu.php in phpNagios 1.2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the conflang parameter...

7.5CVSS7.7AI score0.01971EPSS

Exploits0References3Affected Software1

Prion•added 2009/06/19 6:0 p.m.•16 views

Directory traversal

Directory traversal vulnerability in global.php in 4images before 1.7.7, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the l parameter...

6.8CVSS7.7AI score0.02596EPSS

Exploits1References3Affected Software1

Exploit DB•added 2009/05/12 12:0 a.m.•30 views

Bitweaver 2.6 - 'saveFeed()' Remote Code Execution

saveFeed $rssversionname, $cacheFile ; ... it calls saveFeed function in an insecure way, arguments are built on $REQUESTversion var and may contain directory traversal sequences... now look at saveFeed function in /rss/feedcreator.class.php ... function saveFeed$filename="", $displayContents=tru...

7.4AI score

Exploits0

Prion•added 2009/03/17 9:30 p.m.•17 views

Directory traversal

Directory traversal vulnerability in framework/Image/Image.php in Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the HordeImage driver name...

6.4CVSS7.4AI score0.05612EPSS

Exploits8References12Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by