9 matches found
CVE-2026-11844
The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a Arbitrary File Read vulnerability, allowing privileged remote attackers to access files outside the intended directory scope...
ABC PRO EAP Legislator 路径遍历漏洞
ABC PRO EAP Legislator is a software developed by the Polish company ABC PRO, used for managing legislative processes and editing legal documents. ABC PRO EAP Legislator has a path traversal vulnerability; this vulnerability arises from the file extraction function’s ability to traverse paths,...
CVE-2025-59372
A path traversal vulnerability has been identified in certain router models. A remote, authenticated attacker could exploit this vulnerability to write files outside the intended directory, potentially affecting device integrity. Refer to the 'Security Update for ASUS Router Firmware' section on...
CVE-2019-25073 Path traversal in github.com/goadesign/goa
Improper path sanitization in github.com/goadesign/goa before v3.0.9, v2.0.10, or v1.4.3 allow remote attackers to read files outside of the intended directory...
Directory Traversal
github.com/gphper/ginadmin is vulnerable to directory traversal. The vulnerability exists in the View function in adminSystemController.go due to lack of sanitization in path value which allows an attacker to gain access outside of the intended directory...
CVE-2021-41185 Download file outside intended directory
Mycodo is an environmental monitoring and regulation system. An exploit in versions prior to 8.12.7 allows anyone with access to endpoints to download files outside the intended directory. A patch has been applied and a release made. Users should upgrade to version 8.12.7. As a workaround, users...
Directory Traversal in scott-blanch-weather-app
Affected versions of scott-blanch-weather-app resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable...
CVE-2019-18253
An attacker could use specially crafted paths in a specific request to read or delete files from Relion 670 Series versions 1p1r26, 1.2.3.17, 2.0.0.10, RES670 2.0.0.4, 2.1.0.1, and prior outside the intended directory...
Path Traversal
resolve-path is vulnerable path traversal attacks. A malicious user can access areas outside of the intended target directory by using a url containing ../...