Total
7108 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-17564 | 1 Feifeicms | 1 Feifeicms | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arbitrary files by sending a crafted HTTP request to the " Admin/DataAction.class.php" component. | |||||
| CVE-2020-17563 | 1 Feifeicms | 1 Feifeicms | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arbitrary files by sending a crafted HTTP request to " /index.php?s=/admin-tpl-del&id=". | |||||
| CVE-2020-17518 | 1 Apache | 1 Flink | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be written to any location accessible by Flink 1.5.1. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit a5264a6f41524afe8ceadf1d8ddc8c80f323ebc4 from apache/flink:master. | |||||
| CVE-2020-17389 | 1 Marvell | 1 Qconvergeconsole | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the decryptFile method of the GWTTestServiceImpl class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-10502. | |||||
| CVE-2020-17387 | 1 Marvell | 1 Qconvergeconsole | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the writeObjectToConfigFile method of the GWTTestServiceImpl class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-10565. | |||||
| CVE-2020-17385 | 1 Cellopoint | 1 Cellos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly, which allows unauthorized user to launch Path Traversal attack and access arbitrate file on the system. | |||||
| CVE-2020-17383 | 1 Telosalliance | 2 Z\/ip One, Z\/ip One Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A directory traversal vulnerability on Telos Z/IP One devices through 4.0.0r grants an unauthenticated individual root level access to the device's file system. This can be used to identify configuration settings, password hashes for built-in accounts, and the cleartext password for remote configuration of the device through the WebUI. | |||||
| CVE-2020-16245 | 1 Advantech | 1 Iview | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Advantech iView, Versions 5.7 and prior. The affected product is vulnerable to path traversal vulnerabilities that could allow an attacker to create/download arbitrary files, limit system availability, and remotely execute code. | |||||
| CVE-2020-16136 | 1 Tgstation13 | 1 Tgstation-server | 2024-11-21 | 6.8 MEDIUM | 7.7 HIGH |
| In tgstation-server 4.4.0 and 4.4.1, an authenticated user with permission to download logs can download any file on the server machine (accessible by the owner of the server process) via directory traversal ../ sequences in /Administration/Logs/ requests. The attacker is unable to enumerate files, however. | |||||
| CVE-2020-16116 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal. | |||||
| CVE-2020-15941 | 1 Fortinet | 1 Forticlient Endpoint Management Server | 2024-11-21 | 5.5 MEDIUM | 5.4 MEDIUM |
| A path traversal vulnerability [CWE-22] in FortiClientEMS versions 6.4.1 and below; 6.2.8 and below may allow an authenticated attacker to inject directory traversal character sequences to add/delete the files of the server via the name parameter of Deployment Packages. | |||||
| CVE-2020-15929 | 1 Ortussolutions | 1 Testbox | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters passed to system/runners/HTMLRunner.cfm allow an attacker to write an arbitrary CFM file (within the application's context) containing attacker-defined CFML tags, leading to Remote Code Execution. | |||||
| CVE-2020-15928 | 1 Ortussolutions | 1 Testbox | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters to test-browser/index.cfm allow directory traversal. | |||||
| CVE-2020-15923 | 1 Midasolutions | 1 Eframework | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Mida eFramework through 2.9.0 allows unauthenticated ../ directory traversal. | |||||
| CVE-2020-15908 | 1 Cauldrondevelopment | 1 C\! | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| tar/TarFileReader.cpp in Cauldron cbang (aka C-Bang or C!) before 1.6.0 allows Directory Traversal during extraction from a TAR archive. | |||||
| CVE-2020-15858 | 1 Thalesgroup | 18 Bgs5, Bgs5 Firmware, Ehs5 and 15 more | 2024-11-21 | 3.6 LOW | 6.2 MEDIUM |
| Some devices of Thales DIS (formerly Gemalto, formerly Cinterion) allow Directory Traversal by physically proximate attackers. The directory path access check of the internal flash file system can be circumvented. This flash file system can store application-specific data and data needed for customer Java applications, TLS and OTAP (Java over-the-air-provisioning) functionality. The affected products and releases are: BGS5 up to and including SW RN 02.000 / ARN 01.001.06 EHSx and PDSx up to and including SW RN 04.003 / ARN 01.000.04 ELS61 up to and including SW RN 02.002 / ARN 01.000.04 ELS81 up to and including SW RN 05.002 / ARN 01.000.04 PLS62 up to and including SW RN 02.000 / ARN 01.000.04 | |||||
| CVE-2020-15809 | 1 Spinetix | 11 Diva, Diva Firmware, Dsos and 8 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| spxmanage on certain SpinetiX devices allows requests that access unintended resources because of SSRF and Path Traversal. This affects HMP350, HMP300, and DiVA through 4.5.2-1.0.36229; HMP400 and HMP400W through 4.5.2-1.0.2-1eb2ffbd; and DSOS through 4.5.2-1.0.2-1eb2ffbd. | |||||
| CVE-2020-15779 | 1 Socket.io-file Project | 1 Socket.io-file | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A Path Traversal issue was discovered in the socket.io-file package through 2.0.31 for Node.js. The socket.io-file::createFile message uses path.join with ../ in the name option, and the uploadDir and rename options determine the path. | |||||
| CVE-2020-15712 | 1 Rconfig | 1 Rconfig | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| rConfig 3.9.5 could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a crafted request to the ajaxGetFileByPath.php script containing hexadecimal encoded "dot dot" sequences (%2f..%2f) in the path parameter to view arbitrary files on the system. | |||||
| CVE-2020-15703 | 1 Aptdaemon Project | 1 Aptdaemon | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| There is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an unprivileged user can check for the existence of any files on the system as root. | |||||