CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (Directory Traversal)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-9846 Exec Code Dir. Trav. 2017-06-24 2017-06-24
0.0
None ??? ??? ??? ??? ??? ???
Winmail Server 6.1 allows remote code execution by authenticated users who leverage directory traversal in a netdisk.php move_folder_file call to move a .php file from the FTP folder into a web folder.
2 CVE-2017-9428 22 Dir. Trav. 2017-06-04 2017-06-06
5.0
None Remote Low Not required Partial None None
A directory traversal vulnerability exists in core\admin\ajax\developer\extensions\file-browser.php in BigTree CMS through 4.2.18 on Windows, allowing attackers to read arbitrary files via ..\ sequences in the directory parameter.
3 CVE-2017-9416 22 Dir. Trav. 2017-06-04 2017-06-08
4.0
None Remote Low Single system Partial None None
Directory traversal vulnerability in tools.file_open in Odoo 8.0, 9.0, and 10.0 allows remote authenticated users to read arbitrary local files readable by the Odoo service.
4 CVE-2017-9067 22 Dir. Trav. 2017-05-18 2017-05-31
4.4
None Local Medium Not required Partial Partial Partial
In MODX Revolution before 2.5.7, when PHP 5.3.3 is used, an attacker is able to include and execute arbitrary files on the web server due to insufficient validation of the action parameter to setup/index.php, aka directory traversal.
5 CVE-2017-9031 22 Dir. Trav. 2017-05-17 2017-06-19
7.5
None Remote Low Not required Partial Partial Partial
The WebUI component in Deluge before 1.3.15 contains a directory traversal vulnerability involving a request in which the name of the render file is not associated with any template file.
6 CVE-2017-9030 22 Dir. Trav. Bypass 2017-05-17 2017-05-26
5.0
None Remote Low Not required Partial None None
The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a directory traversal attack that bypasses a uniqid protection mechanism, and makes it easier to read arbitrary uploaded files.
7 CVE-2017-9024 22 Dir. Trav. 2017-05-21 2017-05-31
5.0
None Remote Low Not required Partial None None
Secure Bytes Cisco Configuration Manager, as bundled in Secure Bytes Secure Cisco Auditor (SCA) 3.0, has a Directory Traversal issue in its TFTP Server, allowing attackers to read arbitrary files via ../ sequences in a pathname.
8 CVE-2017-8921 22 Dir. Trav. 2017-05-12 2017-05-26
5.0
None Remote Low Not required None Partial None
In FlightGear before 2017.2.1, the FGCommand interface allows overwriting any file the user has write access to, but not with arbitrary data: only with the contents of a FlightGear flightplan (XML). A resource such as a malicious third-party aircraft could exploit this to damage files belonging to the user. Both this issue and CVE-2016-9956 are directory traversal vulnerabilities in Autopilot/route_mgr.cxx - this one exists because of an incomplete fix for CVE-2016-9956.
9 CVE-2017-8868 22 Dir. Trav. CSRF 2017-05-10 2017-05-17
5.0
None Remote Low Not required None None Partial
acp/core/files.browser.php in flatCore 1.4.7 allows file deletion via directory traversal in the delete parameter to acp/acp.php. The risk might be limited to requests submitted through CSRF.
10 CVE-2017-8853 22 Dir. Trav. 2017-05-09 2017-05-17
6.4
None Remote Low Not required None Partial Partial
Fiyo CMS v2.0.7 has an arbitrary file delete vulnerability in dapur/apps/app_config/controller/backuper.php via directory traversal in the file parameter during an act=db action.
11 CVE-2017-8841 22 Dir. Trav. 2017-06-05 2017-06-12
7.5
None Remote Low Single system None Partial Complete
Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology is absolute path traversal in cgi-bin/MANGA/firmware_process.cgi via the upfile.path parameter.
12 CVE-2017-8314 284 Dir. Trav. 2017-05-23 2017-06-06
4.3
None Remote Medium Not required None Partial None
Directory Traversal in Zip Extraction built-in function in Kodi 17.1 and earlier allows arbitrary file write on disk via a Zip file as subtitles.
13 CVE-2017-8297 22 Dir. Trav. 2017-04-27 2017-05-10
7.5
None Remote Low Not required Partial Partial Partial
A path traversal vulnerability exists in simple-file-manager before 2017-04-26, affecting index.php (the sole "Simple PHP File Manager" component).
14 CVE-2017-8283 22 Dir. Trav. 2017-04-26 2017-05-10
7.5
None Remote Low Not required Partial Partial Partial
dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source on NetBSD.
15 CVE-2017-8115 22 Dir. Trav. +Info 2017-04-25 2017-05-05
5.0
None Remote Low Not required Partial None None
Directory traversal in setup/processors/url_search.php (aka the search page of an unused processor) in MODX Revolution 2.5.7 might allow remote attackers to obtain system directory information.
16 CVE-2017-8104 22 Dir. Trav. 2017-04-24 2017-04-28
5.0
None Remote Low Not required Partial None None
In MyBB before 1.8.11, the smilie module allows Directory Traversal via the pathfolder parameter.
17 CVE-2017-7929 22 Dir. Trav. 2017-05-05 2017-05-17
5.5
None Remote Low Single system Partial None Partial
An Absolute Path Traversal issue was discovered in Advantech WebAccess Version 8.1 and prior. The absolute path traversal vulnerability has been identified, which may allow an attacker to traverse the file system to access restricted files or directories.
18 CVE-2017-7577 22 Dir. Trav. 2017-04-07 2017-04-12
5.0
None Remote Low Not required Partial None None
XiongMai uc-httpd has directory traversal allowing the reading of arbitrary files via a "GET ../" HTTP request.
19 CVE-2017-7565 22 Exec Code Dir. Trav. 2017-04-06 2017-04-12
6.5
None Remote Low Single system Partial Partial Partial
Splunk Hadoop Connect App has a path traversal vulnerability that allows remote authenticated users to execute arbitrary code, aka ERP-2041.
20 CVE-2017-7462 22 Dir. Trav. 2017-04-11 2017-04-18
7.5
None Remote Low Not required Partial Partial Partial
Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a vendor-supplied CGI script in the web directory.
21 CVE-2017-7461 22 Dir. Trav. 2017-04-11 2017-04-18
6.8
None Remote Low Single system Complete None None
Directory traversal vulnerability in the web-based management site on the Intellinet NFC-30ir IP Camera with firmware LM.1.6.16.05 allows remote attackers to read arbitrary files via a request to a vendor-supplied CGI script that is used to read HTML text file, but that does not do any URI/path sanitization.
22 CVE-2017-7433 22 Dir. Trav. 2017-05-18 2017-06-01
4.0
None Remote Low Single system Partial None None
An absolute path traversal vulnerability (CWE-36) in Micro Focus Vibe 4.0.2 and earlier allows a remote authenticated attacker to download arbitrary files from the server by submitting a specially crafted request to the viewFile endpoint. Note that the attack can be performed without authentication if Guest access is enabled (Guest access is disabled by default).
23 CVE-2017-7358 22 Dir. Trav. 2017-04-05 2017-04-11
6.9
None Local Medium Not required Complete Complete Complete
In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out.
24 CVE-2017-7258 22 Exec Code Dir. Trav. 2017-03-29 2017-04-10
5.0
None Remote Low Not required Partial None None
HTTP Exploit in eMLi Portal in AuroMeera Technometrix Pvt. Ltd. eMLi allows an Attacker to View Restricted Information or (even more seriously) execute powerful commands on the web server which can lead to a full compromise of the system via Directory Path Traversal, as demonstrated by reading core-emli/Storage. The affected versions are eMLi School Management 1.0, eMLi College Campus Management 1.0, and eMLi University Management 1.0.
25 CVE-2017-7240 22 Dir. Trav. 2017-03-24 2017-05-19
5.0
None Remote Low Not required Partial None None
An issue was discovered on Miele Professional PST10 devices. The corresponding embedded webserver "PST10 WebServer" typically listens to port 80 and is prone to a directory traversal attack; therefore, an unauthenticated attacker may be able to exploit this issue to access sensitive information to aide in subsequent attacks. A Proof of Concept is GET /../../../../../../../../../../../../etc/shadow HTTP/1.1. This affects PG8527 devices 2.02 before 2.12, PG8527 devices 2.51 before 2.61, PG8527 devices 2.52 before 2.62, PG8527 devices 2.54 before 2.64, PG8528 devices 2.02 before 2.12, PG8528 devices 2.51 before 2.61, PG8528 devices 2.52 before 2.62, PG8528 devices 2.54 before 2.64, PG8535 devices 1.00 before 1.10, PG8535 devices 1.04 before 1.14, PG8536 devices 1.10 before 1.20, and PG8536 devices 1.14 before 1.24.
26 CVE-2017-6821 22 Dir. Trav. 2017-05-23 2017-05-30
7.5
None Remote Low Not required Partial Partial Partial
Directory traversal vulnerability in Zimbra Collaboration Suite (aka ZCS) before 8.7.6 allows attackers to have unspecified impact via unknown vectors.
27 CVE-2017-6805 22 Dir. Trav. 2017-03-20 2017-03-23
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in the TFTP server in MobaXterm Personal Edition 9.4 allows remote attackers to read arbitrary files via a .. (dot dot) in a GET command.
28 CVE-2017-6681 22 Dir. Trav. 2017-06-13 2017-06-21
5.0
None Remote Low Not required Partial None None
A vulnerability in the AutoVNF VNFStagingView class of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to execute a relative path traversal attack, enabling an attacker to read sensitive files on the system. More Information: CSCvc76662. Known Affected Releases: 21.0.0.
29 CVE-2017-6652 22 Dir. Trav. 2017-05-18 2017-05-25
5.0
None Remote Low Not required Partial None None
A vulnerability in the web framework of the Cisco TelePresence IX5000 Series could allow an unauthenticated, remote attacker to access arbitrary files on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using directory traversal techniques to read files within the Cisco TelePresence IX5000 Series filesystem. This vulnerability affects Cisco TelePresence IX5000 Series devices running software version 8.2.0. Cisco Bug IDs: CSCvc52325.
30 CVE-2017-6637 22 Dir. Trav. 2017-05-21 2017-05-31
4.0
None Remote Low Single system None Partial None
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 11.1) could allow an authenticated, remote attacker to delete any file from an affected system. The vulnerability exists because the affected software does not perform proper input validation of HTTP requests and fails to apply role-based access controls (RBACs) to requested HTTP URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request that uses directory traversal techniques to submit a path to a desired file location on an affected system. A successful exploit could allow the attacker to delete any file from the system. Cisco Bug IDs: CSCvc99618.
31 CVE-2017-6636 22 Dir. Trav. 2017-05-21 2017-05-31
4.0
None Remote Low Single system Partial None None
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 11.1) could allow an authenticated, remote attacker to view any file on an affected system. The vulnerability exists because the affected software does not perform proper input validation of HTTP requests and fails to apply role-based access controls (RBACs) to requested HTTP URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request that uses directory traversal techniques to submit a path to a desired file location on an affected system. A successful exploit could allow the attacker to view any file on the system. Cisco Bug IDs: CSCvc99604.
32 CVE-2017-6635 264 Dir. Trav. 2017-05-21 2017-05-31
6.8
None Remote Low Single system None Complete None
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 12.1) could allow an authenticated, remote attacker to delete any file from an affected system. The vulnerability exists because the affected software does not perform proper input validation of HTTP requests and fails to apply role-based access controls (RBACs) to requested HTTP URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request that uses directory traversal techniques to submit a path to a desired file location on an affected system. A successful exploit could allow the attacker to delete any file from the system. Cisco Bug IDs: CSCvc99597.
33 CVE-2017-6629 22 Dir. Trav. 2017-05-03 2017-05-15
5.0
None Remote Low Not required Partial None None
A vulnerability in the ImageID parameter of Cisco Unity Connection 10.5(2) could allow an unauthenticated, remote attacker to access files in arbitrary locations on the filesystem of an affected device. The issue is due to improper sanitization of user-supplied input in HTTP POST parameters that describe filenames. An attacker could exploit this vulnerability by using directory traversal techniques to submit a path to a desired file location. Cisco Bug IDs: CSCvd90118.
34 CVE-2017-6527 22 Dir. Trav. 2017-03-09 2017-03-14
5.0
None Remote Low Not required Partial None None
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NUL-terminated directory traversal attack allowing an unauthenticated attacker to access system files readable by the web server user (by using the viewAppletFsa.cgi seqID parameter).
35 CVE-2017-6510 22 Dir. Trav. 2017-03-16 2017-03-20
5.0
None Remote Low Not required Partial None None
Easy File Sharing FTP Server version 3.6 is vulnerable to a directory traversal vulnerability which allows an attacker to list and download any file from any folder outside the FTP root Directory.
36 CVE-2017-6306 22 Dir. Trav. 2017-02-23 2017-03-01
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "9 of 9. Directory Traversal using the filename; SanitizeFilename function in settings.c."
37 CVE-2017-6190 22 Dir. Trav. 2017-04-10 2017-04-14
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in the web interface on the D-Link DWR-116 device with firmware before V1.05b09 allows remote attackers to read arbitrary files via a .. (dot dot) in a "GET /uir/" request.
38 CVE-2017-5982 22 Dir. Trav. 2017-02-28 2017-03-02
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi allows remote attackers to read arbitrary files via a %2E%2E%252e (encoded dot dot slash) in the image path, as demonstrated by image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd.
39 CVE-2017-5966 22 Dir. Trav. 2017-05-23 2017-06-08
4.0
None Remote Low Single system Partial None None
Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to read arbitrary files via an absolute path traversal attack on sitecore/shell/download.aspx with the file parameter.
40 CVE-2017-5946 22 Dir. Trav. 2017-02-27 2017-03-02
7.5
None Remote Low Not required Partial Partial Partial
The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a directory traversal vulnerability. If a site allows uploading of .zip files, an attacker can upload a malicious file that uses "../" pathname substrings to write arbitrary files to the filesystem.
41 CVE-2017-5899 22 +Priv Dir. Trav. 2017-03-27 2017-03-31
6.9
None Local Medium Not required Complete Complete Complete
Directory traversal vulnerability in the setuid root helper binary in S-nail (later S-mailx) before 14.8.16 allows local users to write to arbitrary files and consequently gain root privileges via a .. (dot dot) in the randstr argument.
42 CVE-2017-5869 22 Exec Code Dir. Trav. 2017-03-24 2017-05-23
6.5
None Remote Low Single system Partial Partial Partial
Directory traversal vulnerability in the file import feature in Nuxeo Platform 6.0, 7.1, 7.2, and 7.3 allows remote authenticated users to upload and execute arbitrary JSP code via a .. (dot dot) in the X-File-Name header.
43 CVE-2017-5541 22 Dir. Trav. 2017-01-20 2017-01-26
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in template/usererror.missing_extension.php in Symphony CMS before 2.6.10 allows remote attackers to rename arbitrary files via a .. (dot dot) in the existing-folder and new-folder parameters.
44 CVE-2017-5539 284 Dir. Trav. Bypass 2017-01-23 2017-01-26
9.0
None Remote Low Not required Complete Partial Partial
The patch for directory traversal (CVE-2017-5480) in b2evolution version 6.8.4-stable has a bypass vulnerability. An attacker can use ..\/ to bypass the filter rule. Then, this attacker can exploit this vulnerability to delete or read any files on the server. It can also be used to determine whether a file exists.
45 CVE-2017-5480 22 Dir. Trav. 2017-01-15 2017-01-18
5.5
None Remote Low Single system Partial Partial None
Directory traversal vulnerability in inc/files/files.ctrl.php in b2evolution through 6.8.3 allows remote authenticated users to read or delete arbitrary files by leveraging back-office access to provide a .. (dot dot) in the fm_selected array parameter.
46 CVE-2017-5231 22 Dir. Trav. 2017-03-02 2017-03-20
5.1
None Remote High Not required Partial Partial Partial
All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal vulnerability in the Meterpreter stdapi CommandDispatcher.cmd_download() function. By using a specially-crafted build of Meterpreter, it is possible to write to an arbitrary directory on the Metasploit console with the permissions of the running Metasploit instance.
47 CVE-2017-5229 22 Dir. Trav. 2017-03-02 2017-03-20
5.1
None Remote High Not required Partial Partial Partial
All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal vulnerability in the Meterpreter extapi Clipboard.parse_dump() function. By using a specially-crafted build of Meterpreter, it is possible to write to an arbitrary directory on the Metasploit console with the permissions of the running Metasploit instance.
48 CVE-2017-5228 22 Dir. Trav. 2017-03-02 2017-03-20
5.1
None Remote High Not required Partial Partial Partial
All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal vulnerability in the Meterpreter stdapi Dir.download() function. By using a specially-crafted build of Meterpreter, it is possible to write to an arbitrary directory on the Metasploit console with the permissions of the running Metasploit instance.
49 CVE-2017-5182 22 Dir. Trav. 2017-01-23 2017-01-26
7.8
None Remote Low Not required Complete None None
Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted URL, that allows complete directory traversal and total information disclosure. This vulnerability is present on all versions of OES for linux, it applies to OES2015 SP1 before Maintenance Update 11080, OES2015 before Maintenance Update 11079, OES11 SP3 before Maintenance Update 11078, OES11 SP2 before Maintenance Update 11077).
50 CVE-2017-5168 22 Exec Code Dir. Trav. 2017-02-13 2017-02-28
5.1
None Remote High Not required Partial Partial Partial
An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Path Traversal vulnerabilities have been identified. The flaws exist within the ActiveMQ Broker service that is installed as part of the product. By issuing specific HTTP requests, if a user visits a malicious page, an attacker can gain access to arbitrary files on the server. Smart Security Manager Versions 1.4 and prior to 1.31 are affected by these vulnerabilities. These vulnerabilities can allow for remote code execution.
Total number of vulnerabilities : 3165   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.