SUSE CVE-2017-16660

Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remoteagent.php request containing PHP code in a Client-ip header...

Git 路径遍历漏洞

Git is a free, open source distributed version control system. Git has a security vulnerability. An attacker could use this vulnerability to access files and directories stored outside of the web root folder. The following versions are affected: version 2.39 up to and including version 2.39.2,...

CVE-2022-47769

An arbitrary file write vulnerability in Serenissima Informatica Fast Checkin v1.0 allows unauthenticated attackers to upload malicious files in the web root of the application to gain access to the server via the web shell...

CVE-2019-25053

A path traversal vulnerability exists in Sage FRP 1000 before November 2019. This allows remote unauthenticated attackers to access files outside of the web tree via a crafted URL...

Path traversal

Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an unauthenticated attacker to access arbitrary files and directories stored outside the web root directory...

SonicWALL SMA1000 series 路径遍历漏洞

The SonicWALL SMA1000 series is a family of secure mobile access solutions from SonicWALL, Inc. simplifies end-to-end secure remote access to enterprise resources hosted across local, cloud and hybrid data centers. A path traversal vulnerability exists in SonicWALL SMA1000 series version 12.4.2. ...

PT-2023-5520 · Sonicwall · Sonicwall Sma1000

Name of the Vulnerable Software and Affected Versions: SonicWall SMA1000 version 12.4.2 Description: The issue is a pre-authentication path traversal vulnerability that allows an unauthenticated attacker to access arbitrary files and directories stored outside the web root directory. This can be...

youngerheart nodeserver 路径遍历漏洞

nodeserver is a router that implements domain name resolution and web applications for node servers by the individual developer of youngerheart. A path traversal vulnerability exists in youngerheart nodeserver. An attacker could use this vulnerability to access files and directories stored outsid...

Neo4j 路径遍历漏洞

Neo4j is a Java-based and fully ACID-compatible graphical database from Neo4j, Inc. that supports data migration, add-ons, and more. A path traversal vulnerability exists in Neo4j APOC Awesome Procedures on Cypher. An attacker can exploit this vulnerability to access files and directories stored...

NVIDIA BMC 路径遍历漏洞

NVIDIA BMC is an OpenBMC open software framework from NVIDIA. A security vulnerability exists in NVIDIA BMC. An attacker could exploit this vulnerability to access files and directories stored outside of the web root folder...

media_upload 路径遍历漏洞

mediaupload is a Fluid widget provided for mass uploading media on the front-end using HTML5 technology. A path traversal vulnerability exists in mediaupload. An attacker could use this vulnerability to access files and directories stored outside of the web root folder...

maps-js-icoads 路径遍历漏洞

maps-js-icoads is a spatio-temporal data visualization of ships and buoys by the individual developer Paul R. Saxman. A path traversal vulnerability exists in maps-js-icoads. An attacker exploiting this vulnerability could access files and directories stored outside of the web root folder...

larasync 路径遍历漏洞

larasync is an end-to-end encrypted, simple and fast self-hosted file synchronization solution by Christian Hoffmann Personal Developer. A path traversal vulnerability exists in larasync. An attacker could use this vulnerability to access files and directories stored outside of the web root folde...

CVE-2021-39369

In Philips formerly Carestream Vue MyVue PACS through 12.2.x.x, the VideoStream function allows Path Traversal by authenticated users to access files stored outside of the web root...

CVE-2021-39369

In Philips formerly Carestream Vue MyVue PACS through 12.2.x.x, the VideoStream function allows Path Traversal by authenticated users to access files stored outside of the web root...

Path traversal

In Philips formerly Carestream Vue MyVue PACS through 12.2.x.x, the VideoStream function allows Path Traversal by authenticated users to access files stored outside of the web root...

CVE-2021-39369

In Philips formerly Carestream Vue MyVue PACS through 12.2.x.x, the VideoStream function allows Path Traversal by authenticated users to access files stored outside of the web root...

Planet Enterprises Planet eStream 路径遍历漏洞

Planet Enterprises Planet eStream is a very simple and secure tool from Planet Enterprises, Inc. It can make video more accessible to students and staff at all levels of education. A path traversal vulnerability exists in versions prior to Planet Enterprises Planet eStream 6.72.10.07, which can b...

CVE-2022-2554

The Enable Media Replace WordPress plugin before 4.0.0 does not ensure that renamed files are moved to the Upload folder, which could allow high privilege users such as admin to move them outside to the web root directory via a path traversal attack for example...

CVE-2022-2554

The Enable Media Replace WordPress plugin before 4.0.0 does not ensure that renamed files are moved to the Upload folder, which could allow high privilege users such as admin to move them outside to the web root directory via a path traversal attack for example...