A directory traversal vulnerability exists in Linksys router's web interface (tested on the E1500 model firmware versions 1.0.00, 1.0.04, and 1.0.05), specifically in the /apply.cgi endpoint. Authenti
A path traversal vulnerability has been identified in certain router models. A remote, authenticated attacker could exploit this vulnerability to write files outside the intended directory, potentiall
A path traversal (directory traversal) vulnerability in D-Link DSR series routers allows unauthenticated remote attackers to manipulate input parameters used for file or directory path resolution (e.g
S40 CMS v0.4.2 contains a path traversal vulnerability in its index.php page handler. The p parameter is not properly sanitized, allowing attackers to traverse the file system and access arbitrary fil
A path traversal vulnerability exists in the web management interface of D-Link DSL-2730U, DSL-2750U, and DSL-2750E ADSL routers with firmware versions IN_1.02, SEA_1.04, and SEA_1.07. The vulnerabili
A path traversal vulnerability exists in the Karel IP1211 IP Phone's web management panel. The /cgi-bin/cgiServer.exx endpoint fails to properly sanitize user input to the page parameter, allowing rem
APC Network Management Card 4 contains a path traversal vulnerability that allows unauthenticated attackers to access sensitive system files by manipulating URL parameters. Attackers can exploit direc
Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem by abusing a path traversal vulnerability.
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a directory traversal attack and obtain read access to s
An issue in the relPath parameter of WebFileSys version 2.31.0 allows attackers to perform directory traversal via a crafted HTTP request. By injecting traversal payloads into the parameter, attackers
An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Directory Traversal vulnerability exists in WebFS. This allows an attacker on the local area network to manipulate URLs to include trav
PCViewer vt1000 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by submitting relative path sequences in GET requests. Attackers can use path
A path traversal vulnerability in RSFirewall component 2.9.7 - 3.1.5 for Joomla was discovered. This vulnerability allows authenticated users to read arbitrary files outside the Joomla root directory.
There is a relative path traversal vulnerability in the NI System Web Server that may result in information disclosure. Successful exploitation requires an attacker to send a specially crafted reques
Owlfiles File Manager 12.0.1 contains a path traversal vulnerability in its built-in HTTP server that allows attackers to access system directories. Attackers can exploit the vulnerability by crafting
A path traversal vulnerability was identified in Ray Dashboard (default port 8265) in Ray versions prior to 2.8.1. Due to improper validation and sanitization of user-supplied paths in the static file
A path traversal vulnerability was identified TP-Link Tapo C260 v1, D235 v1 and C520WS v2.6 within the HTTP server’s handling of GET requests. The server performs path normalization before fully decod
A vulnerability has been found in Netcore NBR1005GPEV2, B6V2, COVER5, NAP830, NAP930, NBR100V2 and NBR200V2 up to 20250508 and classified as critical. This vulnerability affects the function passwd_se
A path traversal vulnerability exists in httpdasm version 0.92, a lightweight Windows HTTP server, that allows unauthenticated attackers to read arbitrary files on the host system. By sending a specia
A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000. It has been classified as critical. This affects the function control_panel_sw of the file /cgi-bin/sysconf.cgi of t
Page 1+ Next →