About “Path Traversal”

A curated feed of “Path Traversal”-related CVEs appears below. We currently track 8594 CVEs for this tag (all time). In the last 365 days, 1473 were published. Average CVSS is 6.8 (all time; 6.9 over 365d), and 49% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), CWE-23 - Relative Path Traversal, CWE-35 - Path Traversal: '.../...//'.

In our taxonomy this topic maps to a MODERATE impact class; common exploitation patterns for this weakness lead to moderate impact. Use the filters to triage high-risk entries first and validate exposure in your environment, sorting by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic.
2019-10-24
Medium

CVE-2019-18393

PluginServlet.java in Ignite Realtime Openfire through 4.4.2 does not ensure that retrieved files are located under the Openfire home directory, aka a directory traversal vulnerability.

2019-10-23
Medium

CVE-2019-18212

XMLLanguageService.java in XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows a remote…

High

CVE-2019-8238

Adobe Acrobat and Reader versions 2019.010.20100 and earlier; 2019.010.20099 and earlier versions; 2017.011.30140 and earlier version; 2017.011.30138 and earlier version; 2015.006.30495 and earlier v…

High

CVE-2019-18371

An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. There is a directory traversal vulnerability to read arbitrary files via a misconfigured NGINX alias, as demonstrated by a…

2019-10-16
Medium

CVE-2019-15266

A vulnerability in the CLI of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to view system files that should be restricted. This vulnerability is due to im…

Critical

CVE-2019-17662

ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a compromise of the VNC server. The vulnerability exists even when authentication is turned on during the deployment of the VNC serv…

2019-10-14
Critical

CVE-2019-16278

Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted HTTP request.

2019-10-13
High

CVE-2019-17538

Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file reading via the web/polygon/problem/viewfile?id=1&name=../ substring.

High

CVE-2019-17537

Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file deletion via the web/polygon/problem/deletefile?id=1&name=../ substring.

2019-10-11
High

CVE-2010-5335

IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain parame…

High

CVE-2010-5334

IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain parame…

2019-10-10
High

CVE-2015-9480

The RobotCPA plugin 5 for WordPress has directory traversal via the f.php l parameter.

High

CVE-2015-9473

The estrutura-basica theme through 2015-09-13 for WordPress has directory traversal via the scripts/download.php arquivo parameter.

High

CVE-2015-9470

The history-collection plugin through 1.1.1 for WordPress has directory traversal via the download.php var parameter.

High

CVE-2015-9463

The s3bubble-amazon-s3-audio-streaming plugin 2.0 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter.

High

CVE-2015-9464

The s3bubble-amazon-s3-html-5-video-with-adverts plugin 0.7 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter.

2019-10-09
Medium

CVE-2019-17109

Koji through 1.18.0 allows remote Directory Traversal, with resultant Privilege Escalation.

Medium

CVE-2019-0074

A path traversal vulnerability in NFX150 Series and QFX10K Series, EX9200 Series, MX Series and PTX Series devices with Next-Generation Routing Engine (NG-RE) allows a local authenticated user to rea…

Critical

CVE-2019-17399

The Shack Forms Pro extension before 4.0.32 for Joomla! allows path traversal via a file attachment.

2019-10-08
High

CVE-2019-17187

/var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication Directory Traversal for reading arbitrary files.

2019-10-07
High

CVE-2019-17314

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Configurator module by an Admin user.

High

CVE-2019-17313

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Studio module by a Developer user.

High

CVE-2019-17312

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the file function by a Regular user.

High

CVE-2019-17311

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the attachment function by a Regular user.

High

CVE-2015-9455

The buddypress-activity-plus plugin before 1.6.2 for WordPress has CSRF with resultant directory traversal via the wp-admin/admin-ajax.php bpfb_photos[] parameter in a bpfb_remove_temp_images action.

2019-10-05
High

CVE-2019-17199

www/getfile.php in WPO WebPageTest 19.04 on Windows allows Directory Traversal (for reading arbitrary files) because of an unanchored regular expression, as demonstrated by the a.jpg\.. substring.

2019-10-04
High

CVE-2019-17175

joyplus-cms 1.6.0 allows manager/admin_pic.php?rootpath= absolute path traversal.

2019-10-03
Medium

CVE-2019-16198

KSLabs KSWEB 3.93 allows ../ directory traversal, as demonstrated by the hostFile parameter.

2019-10-02
Medium

CVE-2019-12691

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an a…

High

CVE-2019-13343

Butor Portal before 1.0.27 is affected by a Path Traversal vulnerability leading to a pre-authentication arbitrary file download. Effectively, a remote anonymous user can download any file on servers…

2019-10-01
High

CVE-2019-8291

Online Store System v1.0 delete_file.php doesn't check to see if a user has administrative rights nor does it check for path traversal.

Medium

CVE-2019-17073

emlog through 6.0.0beta allows remote authenticated users to delete arbitrary files via admin/template.php?action=del&tpl=../ directory traversal.

2019-09-30
High

CVE-2017-18636

CDG through 2017-01-01 allows downloadDocument.jsp?command=download&pathAndName= directory traversal.

2019-09-27
High

CVE-2019-9281

In GoogleContactsSyncAdapter, there is a possible path traversal due to improper input sanitization. This could lead to a bypass of user interaction requirements with no additional execution privileg…

Critical

CVE-2019-8074

ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Path Traversal vulnerability. Successful exploitation could lead to Access Control Bypass in the context of the…

2019-09-26
Medium

CVE-2019-16903

Platinum UPnP SDK 1.2.0 allows Directory Traversal in Core/PltHttpServer.cpp because it checks for /.. where it should be checking for ../ instead.

2019-09-25
Medium

CVE-2019-12666

A vulnerability in the Guest Shell of Cisco IOS XE Software could allow an authenticated, local attacker to perform directory traversal on the base Linux operating system of Cisco IOS XE Software. Th…

Critical

CVE-2019-16868

emlog through 6.0.0beta has an arbitrary file deletion vulnerability via an admin/data.php?action=dell_all_bak request with directory traversal sequences in the bak[] parameter.

2019-09-23
High

CVE-2019-13063

Within Sahi Pro 8.0.0, an attacker can send a specially crafted URL to include any victim files on the system via the script parameter on the Script_view page. This will result in file disclosure (i.…

2019-09-21
Medium

CVE-2019-16680

An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction.

Medium

CVE-2019-16679

Gila CMS before 1.11.1 allows admin/fm/?f=../ directory traversal, leading to Local File Inclusion.

2019-09-20
High

CVE-2015-9406

Directory traversal vulnerability in the mTheme-Unus theme before 2.3 for WordPress allows an attacker to read arbitrary files via a .. (dot dot) in the files parameter to css/css.php.

Critical

CVE-2019-14914

An issue was discovered in PRiSE adAS 1.7.0. The path is not properly escaped in the medatadata_del method, leading to an arbitrary file read and deletion via Directory Traversal.

2019-09-19
Medium

CVE-2019-16511

An issue was discovered in DTF in FireGiant WiX Toolset before 3.11.2. Microsoft.Deployment.Compression.Cab.dll and Microsoft.Deployment.Compression.Zip.dll allow directory traversal during CAB or ZI…

High

CVE-2019-14994

The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before version 3.9.16, from version 3.10.0 before version 3.16.8, from version 4.0.0 before version…

2019-09-17
Medium

CVE-2016-10977

The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=..%2f directory traversal.

2019-09-16
High

CVE-2019-0207

Tapestry processes assets `/assets/ctx` using classes chain `StaticFilesFilter -> AssetDispatcher -> ContextResource`, which doesn't filter the character `\`, so attacker can perform a path traversal…

High

CVE-2016-10966

The real3d-flipbook-lite plugin 1.0 for WordPress has bookName=../ directory traversal for file upload.

High

CVE-2016-10965

The real3d-flipbook-lite plugin 1.0 for WordPress has deleteBook=../ directory traversal for file deletion.

2019-09-13
High

CVE-2019-5484

Bower before 1.8.8 has a path traversal vulnerability permitting file write in arbitrary locations via install command, which allows attackers to write arbitrary files when a malicious package is ext…

2019-09-12
Medium

CVE-2019-5956

Directory traversal vulnerability in WonderCMS 2.6.0 and earlier allows remote attackers to delete arbitrary files via unspecified vectors.

2019-09-09
High

CVE-2019-6783

An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. GitLab Pages contains a directory traversal vulnerability that could…

High

CVE-2019-12464

An issue was discovered in LibreNMS 1.50.1. An authenticated user can perform a directory traversal attack against the /pdf.php file with a partial filename in the report parameter, to cause local fi…

2019-09-08
Medium

CVE-2019-16105

Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows ..%2f directory traversal via a rest/json/configdb/download/ URI.

2019-09-06
High

CVE-2019-9854

LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to…

2019-09-05
High

CVE-2019-15952

An issue was discovered in Total.js CMS 12.0.0. An authenticated user with the Pages privilege can conduct a path traversal attack (../) to include .html files that are outside the permitted director…

2019-09-03
Medium

CVE-2019-5480

A path traversal vulnerability in <= v0.9.7 of statichttpserver npm module allows attackers to list files in arbitrary folders.

2019-08-30
High

CVE-2019-15630

Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released…

Critical

CVE-2019-15822

The wps-child-theme-generator plugin before 1.2 for WordPress has classes/helpers.php directory traversal.

High

CVE-2019-6113

Directory traversal vulnerability on ONKYO TX-NR686 1030-5000-1040-0010 A/V Receiver devices allows remote attackers to read arbitrary files via a .. (dot dot) and %2f to the default URI.

2019-08-29
High

CVE-2019-13408

A relative path traversal vulnerability was found in Advan VD-1 firmware versions up to 230. It allows attackers to download arbitrary files via the URL cgibin/ExportSettings.cgi?Download=filepath, without a…

2019-08-28
Medium

CVE-2019-15714

cli/lib/main.js in Entropic before 2019-06-13 does not reject / and \ in command names, which might allow a directory traversal attack in unusual situations.

2019-08-23
High

CVE-2019-11654

Path traversal vulnerability in Micro Focus Verastream Host Integrator (VHI), versions 7.7 SP2 and earlier. The vulnerability allows remote unauthenticated attackers to read arbitrary files.

Medium

CVE-2019-15520

comelz Quark before 2019-03-26 allows directory traversal to locations outside of the project directory.

Critical

CVE-2019-15519

Power-Response before 2019-02-02 allows directory traversal (up to the application's main directory) via a plugin.

Medium

CVE-2019-15518

Swoole before 4.2.13 allows directory traversal in swPort_http_static_handler.

Medium

CVE-2019-15517

jc21 Nginx Proxy Manager before 2.0.13 allows %2e%2e%2f directory traversal.

High

CVE-2019-15516

Cuberite before 2019-06-11 allows webadmin directory traversal via ....// because the protection mechanism simply removes one ../ substring.

2019-08-22
High

CVE-2019-15326

The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal.

High

CVE-2017-18585

The posts-in-page plugin before 1.3.0 for WordPress has ic_add_posts template='../ directory traversal.

Critical

CVE-2017-18586

The insert-pages plugin before 3.2.4 for WordPress has directory traversal via custom template paths.

Critical

CVE-2014-10390

The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has directory traversal.

High

CVE-2019-14751

NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during e…

High

CVE-2019-11029

Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Download() method of AutoUpdateService in SMServer.exe, leading to Directory Traversal. An attacker could use ..\ with this method to it…

Medium

CVE-2019-11013

Nimble Streamer 3.0.2-2 through 3.5.4-9 has a ../ directory traversal vulnerability. Successful exploitation could allow an attacker to traverse the file system to access files or directories that ar…

High

CVE-2019-15323

The ad-inserter plugin before 2.4.20 for WordPress has path traversal.

High

CVE-2016-10924

The ebook-download plugin before 1.2 for WordPress has directory traversal.

2019-08-21
High

CVE-2019-11601

A directory traversal vulnerability in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete…

2019-08-20
Medium

CVE-2019-3967

In OpenEMR 5.0.1 and earlier, the patient file download interface contains a directory traversal flaw that allows authenticated attackers to download arbitrary files from the host system.

2019-08-15
High

CVE-2019-9852

LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to…

High

CVE-2019-12791

A directory traversal vulnerability in the v-list-user script in Vesta Control Panel 0.9.8-24 allows remote attackers to escalate from regular registered users to root via the password reset form.

Medium

CVE-2018-14672

In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages.

High

CVE-2019-14788

wp-admin/admin-ajax.php?action=newsletters_exportmultiple in the Tribulant Newsletters plugin before 4.6.19 for WordPress allows directory traversal with resultant remote PHP code execution via the s…

2019-08-13
Critical

CVE-2019-12479

An issue was discovered in 20|20 Storage 2.11.0. A Path Traversal vulnerability in the TwentyTwenty.Storage library in the LocalStorageProvider allows creating and reading files outside of the specif…

2019-08-09
High

CVE-2019-3744

Dell/Alienware Digital Delivery versions prior to 4.0.41 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a Universal Windows Platform application by…

Medium

CVE-2019-14798

The 10Web Photo Gallery plugin before 1.5.25 for WordPress has Authenticated Local File Inclusion via directory traversal in the wp-admin/admin-ajax.php?action=shortcode_bwg tagtext parameter.

2019-08-08
Medium

CVE-2019-1952

A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to overwrite or read arbitrary files. The attacker would need valid adm…

2019-08-06
High

CVE-2019-14701

An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker can trigger read operations on an arbitrary file via Path Traversal in the TZ parameter, but can…

High

CVE-2019-14700

An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. There is disclosure of the existence of arbitrary files via Path Traversal in HTTPD. This occurs because the…

2019-08-05
High

CVE-2019-14521

The api/admin/logoupload Logo File upload feature in EMCA Energy Logserver 6.1.2 allows attackers to send any kind of file to any location on the server via path traversal in the filename parameter.

2019-08-02
High

CVE-2019-7859

A path traversal vulnerability in the WYSIWYG editor for Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could result in unauthorized access to uploaded images due…

2019-07-31
High

CVE-2019-14452

Sigil before 0.9.16 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction.

2019-07-30
High

CVE-2019-10152

A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arb…

Critical

CVE-2019-13635

The WP Fastest Cache plugin through 0.8.9.5 for WordPress allows wpFastestCache.php and inc/cache.php Directory Traversal.

2019-07-29
High

CVE-2019-14418

An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. When uploading an application bundle, a directory traversal vulnerability allows a VRP user with sufficient privileges to…

High

CVE-2019-1020001

yard before 0.9.20 allows path traversal.

2019-07-28
Medium

CVE-2019-14362

Openbravo ERP before 3.0PR19Q1.3 is affected by Directory Traversal. This vulnerability could allow remote authenticated attackers to replace a file on the server via the getAttachmentDirectoryForNew…

2019-07-23
High

CVE-2019-1010205

LINAGORA hublin latest (commit 72ead897082403126bf8df9264e70f0a9de247ff) is affected by: Directory Traversal. The impact is: The vulnerability allows an attacker to access any file (with a fixed exte…

High

CVE-2019-14240

WCMS v0.3.2 has a CSRF vulnerability, with resultant directory traversal, to modify index.html via the /wex/html.php?finish=../index.html URI.

2019-07-17
Medium

CVE-2019-13584

The remote admin webserver on FANUC Robotics Virtual Robot Controller 8.23 allows Directory Traversal via a forged HTTP request.

Medium

CVE-2019-10352

A path traversal vulnerability in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java allowed attackers with Job/Configure permission to defi…

High

CVE-2019-13623

In NSA Ghidra before 9.1, path traversal can occur in RestoreTask.java (from the package ghidra.app.plugin.core.archive) via an archive with an executable file that has an initial ../ in its filename…

2019-07-16
Critical

CVE-2019-12990

Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory Traversal.

2019-07-15
Medium

CVE-2019-5447

A path traversal vulnerability in <= v0.2.6 of http-file-server npm module allows attackers to list files in arbitrary folders.

2019-07-11
Medium

CVE-2019-3415

ZTE MW NR8000V2.4.4.03 and NR8000V2.4.4.04 are impacted by a path traversal vulnerability. Due to path traversal, users can download any files.

2019-07-10
Medium

CVE-2019-5444

Path traversal vulnerability in versions up to v1.1.3 of the serve-here.js npm module allows attackers to list any file in an arbitrary folder.

Medium

CVE-2019-5221

There is a path traversal vulnerability on Huawei Share. The software does not properly validate the path; an attacker could craft a file path when transporting a file through Huawei Share, successfu…

Medium

CVE-2019-13396

FlightPath 4.x and 5.0-x allows directory traversal and Local File Inclusion through the form_include parameter in an index.php?q=system-handle-form-submit POST request because of an include_once in…

2019-07-08
High

CVE-2019-12925

MailEnable Enterprise Premium 10.23 was vulnerable to multiple directory traversal issues, with which authenticated users could add, remove, or potentially read files in arbitrary folders accessible…

2019-07-04
High

CVE-2019-13241

FlightCrew v0.9.2 and older are vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction.

2019-07-03
High

CVE-2019-10717

BlogEngine.NET 3.3.7.0 allows /api/filemanager Directory Traversal via the path parameter.

2019-07-02
High

CVE-2019-10137

A path traversal flaw was found in spacewalk-proxy, all versions through 2.9, in the way the proxy processes cached client tokens. A remote, unauthenticated attacker could use this flaw to test the e…

Critical

CVE-2019-7253

Linear eMerge E3-Series devices allow Directory Traversal.

Critical

CVE-2019-7267

Linear eMerge 50P/5000P devices allow Cookie Path Traversal.

2019-06-30
High

CVE-2019-11826

Relative path traversal vulnerability in SYNO.PhotoTeam.Upload.Item in Synology Moments before 1.3.0-0691 allows remote authenticated users to upload arbitrary files via the name parameter.

Medium

CVE-2019-11822

Relative path traversal vulnerability in SYNO.PhotoStation.File in Synology Photo Station before 6.8.11-3489 and before 6.3-2977 allows remote attackers to upload arbitrary files via the uploadphoto…

2019-06-28
Critical

CVE-2019-10985

In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage…

High

CVE-2018-14918

LOYTEC LGATE-902 6.3.2 devices allow Directory Traversal.

2019-06-27
High

CVE-2019-3632

Directory Traversal vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows an authenticated user to gain elevated privileges via specially crafted input.

2019-06-21
High

CVE-2019-10720

BlogEngine.NET 3.3.7.0 and earlier allows Directory Traversal and Remote Code Execution via the theme cookie to the File Manager. NOTE: this issue exists because of an incomplete fix for CVE-2019-671…