An issue in the relPath parameter of WebFileSys version 2.31.0 allows attackers to perform directory traversal via a crafted HTTP request. By injecting traversal payloads into the parameter, attackers
Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem by abusing a path traversal vulnerability.
CWE-22: Improper Limitation of a Pathname to a Restricted Directory (“Path Traversal”) vulnerability that could cause unauthorized access to sensitive files when user-supplied input is improperly hand
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause unauthorized access to sensitive files when an authenticated attackers uses
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause arbitrary file writes when an authenticated user on the web server manipula
The back-end does not sufficiently verify the user-controlled filename parameter which makes it possible for an attacker to perform a path traversal attack and retrieve arbitrary files from the file s
A path traversal vulnerability exists in httpdasm version 0.92, a lightweight Windows HTTP server, that allows unauthenticated attackers to read arbitrary files on the host system. By sending a specia
A directory traversal vulnerability exists in Linksys router's web interface (tested on the E1500 model firmware versions 1.0.00, 1.0.04, and 1.0.05), specifically in the /apply.cgi endpoint. Authenti
A path traversal vulnerability exists in RIPS Scanner version 0.54. The vulnerability allows remote attackers to read arbitrary files on the system with the privileges of the web server by sending cra
Owlfiles File Manager 12.0.1 contains a path traversal vulnerability in its built-in HTTP server that allows attackers to access system directories. Attackers can exploit the vulnerability by crafting
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause remote code execution when an authenticated attacker with admin privileges
Webile 1.0.1 contains a directory traversal vulnerability that allows remote attackers to manipulate file system paths without authentication. Attackers can exploit path manipulation to access sensiti
The Open ISES Project 3.30A contains a path traversal vulnerability in the ajax/download.php endpoint that allows unauthenticated attackers to download arbitrary files by manipulating the filename par
S40 CMS v0.4.2 contains a path traversal vulnerability in its index.php page handler. The p parameter is not properly sanitized, allowing attackers to traverse the file system and access arbitrary fil
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause elevated system access when a Web Admin user on the local network tampers w
Directory Traversal vulnerability in WebLaudos 24.2 (04) allows a remote attacker to obtain sensitive information via the id parameter.
The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker bypass the path restriction and upload files to arbitrary locations.
There is a relative path traversal vulnerability in the NI System Web Server that may result in information disclosure. Successful exploitation requires an attacker to send a specially crafted reques
An authenticated Path Traversal vulnerability exists in Instant AOS-8 and AOS-10. Successful exploitation of this vulnerability allows an attacker to copy arbitrary files to a user readable location f
A path traversal vulnerability in RSFirewall component 2.9.7 - 3.1.5 for Joomla was discovered. This vulnerability allows authenticated users to read arbitrary files outside the Joomla root directory.
Page 1+ Next →