27 matches found
Ulterius Server < 1.9.5.0 - Directory Traversal
Ulterius Server before 1.9.5.0 allows HTTP server directory traversal via the process function in RemoteTaskServer/WebServer/HttpServer.cs. id: CVE-2017-16806 info: name: Ulterius Server 1.9.5.0 - Directory Traversal author: geeknik severity: high description: Ulterius Server before 1.9.5.0 allow...
EUVD-2018-0295
Malware in sbrugna...
EUVD-2018-0223
Malware in sbrugna...
EUVD-2020-0631
Malware in sbrugna...
EUVD-2020-1277
Malware in sbrugna...
GHSA-3R3J-4VRW-884J files-bucket-server vulnerable to Directory Traversal
All versions of the package files-bucket-server are vulnerable to Directory Traversal, where an attacker can traverse the file system and access files outside of the intended directory...
files-bucket-server vulnerable to Directory Traversal
All versions of the package files-bucket-server are vulnerable to Directory Traversal, where an attacker can traverse the file system and access files outside of the intended directory...
CVE-2025-0573
CVE-2025-0573 concerns the Sante PACS Server, where the vulnerability lies in the DCM file parsing that fails to validate a user-supplied path before file operations. This directory traversal can allow an unauthenticated, remote attacker to write arbitrary files on the server, running with the cu...
CVE-2023-25579 Directory traversal in Nextcloud server
Nextcloud server is a self hosted home cloud product. In affected versions the OC\Files\Node\Folder::getFullPath function was validating and normalizing the string in the wrong order. The function is used in the newFile and newFolder items, which may allow to creation of paths outside of ones own...
CVE-2022-37422
Payara through 5.2022.2 allows directory traversal without authentication. This affects Payara Server, Payara Micro, and Payara Server Embedded...
CVE-2021-40978
The mkdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain :sensitive information. NOTE: the vendor has disputed this as described in https://github.com/mkdocs/mkdocs/issues/2601. and https://github.com/nisdn/CVE-2021-40978/issues/1...
CVE-2017-16162
22lixian is a simple file server. 22lixian is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...
CVE-2017-16108
gaoxiaotingtingting is an HTTP server. gaoxiaotingtingting is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...
CVE-2017-16214
peiserver is a static file server. peiserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...
CVE-2017-16038
f2e-server 1.12.11 and earlier is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. This is compounded by f2e-server requiring elevated privileges to run...
Node.js third-party modules: [serve] Server Directory Traversal
I would like to report a Server Directory Traversal vulnerability in serve. It allows reading local files on the target server. Module module name: serve version: 7.0.1 npm page: https://www.npmjs.com/package/serve Module Description Assuming you would like to serve a static site, single page...
CVE-2014-10073
The createresponse function in server/server.c in Psensor before 1.1.4 allows Directory Traversal because it lacks a check for whether a file is under the webserver directory...
Node.js third-party modules: [mcstatic] Server Directory Traversal
I would like to report a Server Directory Traversal in mcstatic. It allows reading local files on the target server. Module module name: mcstatic version: 0.0.20 npm page: https://www.npmjs.com/package/mcstatic Module Description Static Http server for mocking and stuff Vulnerability Steps To...
Node.js third-party modules: [featurebook] Specification Server Directory Traversal via Crafted Browser Request
Hi, A crafted request can be leveraged to traverse the directory structure of a host using the featurebook server package, and request arbitrary files outside of the specified web root. Module specification Name: featurebook Version: 0.0.32 latest release build Verified conditions Test server:...
Huawei HG255s - Server Directory Traversal Vulnerability
Document Title: =============== Huawei HG255s - Server Directory Traversal Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2100 Video: https://www.youtube.com/watch?v=6XxTh7brPLg Advisory: https://www.vulnerability-lab.com/getcontent.php?id=2099 Release...