| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | CVE-2019-1010309 | | | Exec Code Dir. Trav. | 2019-07-12 | 2019-07-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? | pacman prior to version 5.1.3 is affected by: Directory Traversal. The impact is: arbitrary file placement potentially leading to arbitrary root code execution. The component is: installing a remote package via a specified URL "pacman -U <url>". The problem was located in function curl_download_internal in lib/libalpm/dload.c line 535. The attack vector is: the victim must install a remote package via a specified URL from a malicious server (or a network MitM if downloading over HTTP). The fixed version is: 5.1.3 via commit 9702703633bec2c007730006de2aeec8587dfc84. |
| 2 | CVE-2019-1010205 | 22 | | Dir. Trav. | 2019-07-23 | 2019-07-26 | 5.0 | None | Remote | Low | Not required | Partial | None | None | LINAGORA hublin latest (commit 72ead897082403126bf8df9264e70f0a9de247ff) is affected by: Directory Traversal. The impact is: The vulnerability allows an attacker to access any file (with a fixed extension) on the server. The component is: A web-view renderer; details here: https://lgtm.com/projects/g/linagora/hublin/snapshot/af9f1ce253b4ee923ff8da8f9d908d02a8e95b7f/files/backend/webserver/views.js?sort=name&dir=ASC&mode=heatmap&showExcluded=false#xb24eb0101d2aec21:1. The attack vector is: Attacker sends a specially crafted HTTP request. |
| 3 | CVE-2019-17538 | | | Dir. Trav. | 2019-10-13 | 2019-10-15 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? | Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file reading via the web/polygon/problem/viewfile?id=1&name=../ substring. |
| 4 | CVE-2019-17537 | | | Dir. Trav. | 2019-10-13 | 2019-10-15 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? | Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file deletion via the web/polygon/problem/deletefile?id=1&name=../ substring. |
| 5 | CVE-2019-17399 | 22 | | Dir. Trav. | 2019-10-09 | 2019-10-11 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | The Shack Forms Pro extension before 4.0.32 for Joomla! allows path traversal via a file attachment. |
| 6 | CVE-2019-17314 | 22 | | Dir. Trav. | 2019-10-07 | 2019-10-09 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Configurator module by an Admin user. |
| 7 | CVE-2019-17313 | 22 | | Dir. Trav. | 2019-10-07 | 2019-10-09 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Studio module by a Developer user. |
| 8 | CVE-2019-17312 | 22 | | Dir. Trav. | 2019-10-07 | 2019-10-09 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the file function by a Regular user. |
| 9 | CVE-2019-17311 | 22 | | Dir. Trav. | 2019-10-07 | 2019-10-09 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the attachment function by a Regular user. |
| 10 | CVE-2019-17199 | 22 | | Dir. Trav. | 2019-10-05 | 2019-10-10 | 5.0 | None | Remote | Low | Not required | Partial | None | None | www/getfile.php in WPO WebPageTest 19.04 on Windows allows Directory Traversal (for reading arbitrary files) because of an unanchored regular expression, as demonstrated by the a.jpg\.. substring. |
| 11 | CVE-2019-17187 | 22 | | Dir. Trav. | 2019-10-08 | 2019-10-11 | 5.0 | None | Remote | Low | Not required | Partial | None | None | /var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication Directory Traversal for reading arbitrary files. |
| 12 | CVE-2019-17180 | 22 | | DoS Dir. Trav. | 2019-10-04 | 2019-10-15 | 7.2 | None | Local | Low | Not required | Complete | Complete | Complete | Valve Steam Client before 2019-09-12 allows placing or appending partially controlled filesystem content, as demonstrated by file modifications on Windows in the context of NT AUTHORITY\SYSTEM. This could lead to denial of service, elevation of privilege, or unspecified other impact. |
| 13 | CVE-2019-17175 | 22 | | Dir. Trav. | 2019-10-04 | 2019-10-08 | 5.0 | None | Remote | Low | Not required | Partial | None | None | joyplus-cms 1.6.0 allows manager/admin_pic.php?rootpath= absolute path traversal. |
| 14 | CVE-2019-17109 | 22 | | Dir. Trav. | 2019-10-09 | 2019-10-11 | 4.0 | None | Remote | Low | Single system | None | Partial | None | Koji through 1.18.0 allows remote Directory Traversal, with resultant Privilege Escalation. |
| 15 | CVE-2019-17073 | 22 | | Dir. Trav. | 2019-10-01 | 2019-10-04 | 5.5 | None | Remote | Low | Single system | None | Partial | Partial | emlog through 6.0.0beta allows remote authenticated users to delete arbitrary files via admin/template.php?action=del&tpl=../ directory traversal. |
| 16 | CVE-2019-16903 | 22 | | Dir. Trav. | 2019-09-26 | 2019-09-26 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Platinum UPnP SDK 1.2.0 allows Directory Traversal in Core/PltHttpServer.cpp because it checks for /.. where it should be checking for ../ instead. |
| 17 | CVE-2019-16868 | 22 | | Dir. Trav. | 2019-09-25 | 2019-09-26 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | emlog through 6.0.0beta has an arbitrary file deletion vulnerability via an admin/data.php?action=dell_all_bak request with directory traversal sequences in the bak[] parameter. |
| 18 | CVE-2019-16680 | 22 | | Dir. Trav. | 2019-09-21 | 2019-09-25 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction. |
| 19 | CVE-2019-16679 | 22 | | Dir. Trav. File Inclusion | 2019-09-21 | 2019-09-23 | 4.0 | None | Remote | Low | Single system | Partial | None | None | Gila CMS before 1.11.1 allows admin/fm/?f=../ directory traversal, leading to Local File Inclusion. |
| 20 | CVE-2019-16511 | 22 | | Dir. Trav. | 2019-09-19 | 2019-09-20 | 5.8 | None | Remote | Medium | Not required | None | Partial | Partial | An issue was discovered in DTF in FireGiant WiX Toolset before 3.11.2. Microsoft.Deployment.Compression.Cab.dll and Microsoft.Deployment.Compression.Zip.dll allow directory traversal during CAB or ZIP archive extraction, because the full name of an archive file (even with a ../ sequence) is concatenated with the destination path. |
| 21 | CVE-2019-16279 | | | DoS Dir. Trav. | 2019-10-14 | 2019-10-15 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? | Directory Traversal in the function SSL_accept in nostromo nhttpd through 1.9.6 allows an attacker to trigger a denial of service via a crafted HTTP request. |
| 22 | CVE-2019-16278 | | | Exec Code Dir. Trav. | 2019-10-14 | 2019-10-15 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? | Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted HTTP request. |
| 23 | CVE-2019-16198 | 22 | | Dir. Trav. | 2019-10-03 | 2019-10-09 | 4.0 | None | Remote | Low | Single system | Partial | None | None | KSLabs KSWEB 3.93 allows ../ directory traversal, as demonstrated by the hostFile parameter. |
| 24 | CVE-2019-16132 | 22 | | Dir. Trav. | 2019-09-08 | 2019-09-10 | 5.5 | None | Remote | Low | Single system | None | Partial | Partial | An issue was discovered in OKLite v1.2.25. framework/admin/tpl_control.php allows remote attackers to delete arbitrary files via a title directory-traversal pathname followed by a crafted substring. |
| 25 | CVE-2019-16123 | 22 | | Dir. Trav. | 2019-09-08 | 2019-09-09 | 5.0 | None | Remote | Low | Not required | Partial | None | None | In Kartatopia PilusCart 1.4.1, the parameter filename in the file catalog.php is mishandled, leading to ../ Local File Disclosure. |
| 26 | CVE-2019-16105 | 22 | | Dir. Trav. | 2019-09-08 | 2019-09-09 | 4.0 | None | Remote | Low | Single system | Partial | None | None | Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows ..%2f directory traversal via a rest/json/configdb/download/ URI. |
| 27 | CVE-2019-15952 | 22 | | Exec Code +Priv Dir. Trav. | 2019-09-05 | 2019-09-06 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | An issue was discovered in Total.js CMS 12.0.0. An authenticated user with the Pages privilege can conduct a path traversal attack (../) to include .html files that are outside the permitted directory. Also, if a page contains a template directive, then the directive will be server side processed. Thus, if a user can control the content of a .html file, then they can inject a payload with a malicious template directive to gain Remote Command Execution. The exploit will work only with the .html extension. |
| 28 | CVE-2019-15822 | 22 | | Dir. Trav. | 2019-08-30 | 2019-09-03 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | The wps-child-theme-generator plugin before 1.2 for WordPress has classes/helpers.php directory traversal. |
| 29 | CVE-2019-15714 | 22 | | Dir. Trav. | 2019-08-28 | 2019-09-04 | 5.0 | None | Remote | Low | Not required | Partial | None | None | cli/lib/main.js in Entropic before 2019-06-13 does not reject / and \ in command names, which might allow a directory traversal attack in unusual situations. |
| 30 | CVE-2019-15630 | 22 | | Dir. Trav. | 2019-08-30 | 2019-09-05 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released before August 1 2019, and all versions of MuleSoft API Gateway released before August 1 2019 allow remote attackers to read files accessible to the Mule process. |
| 31 | CVE-2019-15520 | 22 | | Dir. Trav. | 2019-08-23 | 2019-08-27 | 5.0 | None | Remote | Low | Not required | Partial | None | None | comelz Quark before 2019-03-26 allows directory traversal to locations outside of the project directory. |
| 32 | CVE-2019-15519 | 22 | | Dir. Trav. | 2019-08-23 | 2019-08-30 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Power-Response before 2019-02-02 allows directory traversal (up to the application's main directory) via a plugin. |
| 33 | CVE-2019-15518 | 22 | | Dir. Trav. | 2019-08-23 | 2019-08-27 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Swoole before 4.2.13 allows directory traversal in swPort_http_static_handler. |
| 34 | CVE-2019-15517 | 22 | | Dir. Trav. | 2019-08-23 | 2019-08-27 | 4.9 | None | Local | Low | Not required | Complete | None | None | jc21 Nginx Proxy Manager before 2.0.13 allows %2e%2e%2f directory traversal. |
| 35 | CVE-2019-15516 | 22 | | Dir. Trav. | 2019-08-23 | 2019-08-27 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Cuberite before 2019-06-11 allows webadmin directory traversal via ....// because the protection mechanism simply removes one ../ substring. |
| 36 | CVE-2019-15326 | 22 | | Dir. Trav. | 2019-08-22 | 2019-08-23 | 5.0 | None | Remote | Low | Not required | None | Partial | None | The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal. |
| 37 | CVE-2019-15323 | 22 | | Dir. Trav. | 2019-08-22 | 2019-09-06 | 5.0 | None | Remote | Low | Not required | Partial | None | None | The ad-inserter plugin before 2.4.20 for WordPress has path traversal. |
| 38 | CVE-2019-14994 | 22 | | Dir. Trav. | 2019-09-19 | 2019-09-23 | 4.3 | None | Remote | Medium | Not required | Partial | None | None | The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before version 3.9.16, from version 3.10.0 before version 3.16.8, from version 4.0.0 before version 4.1.3, from version 4.2.0 before version 4.2.5, from version 4.3.0 before version 4.3.4, and version 4.4.0 allows remote attackers with portal access to view arbitrary issues in Jira Service Desk projects via a path traversal vulnerability. Note that when the 'Anyone can email the service desk or raise a request in the portal' setting is enabled, an attacker can grant themselves portal access, allowing them to exploit the vulnerability. |
| 39 | CVE-2019-14914 | 22 | | Dir. Trav. | 2019-09-20 | 2019-09-23 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | An issue was discovered in PRiSE adAS 1.7.0. The path is not properly escaped in the medatadata_del method, leading to an arbitrary file read and deletion via Directory Traversal. |
| 40 | CVE-2019-14798 | 22 | | Dir. Trav. File Inclusion | 2019-08-09 | 2019-08-14 | 4.0 | None | Remote | Low | Single system | Partial | None | None | The 10Web Photo Gallery plugin before 1.5.25 for WordPress has Authenticated Local File Inclusion via directory traversal in the wp-admin/admin-ajax.php?action=shortcode_bwg tagtext parameter. |
| 41 | CVE-2019-14788 | 22 | | Exec Code Dir. Trav. | 2019-08-15 | 2019-08-22 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | wp-admin/admin-ajax.php?action=newsletters_exportmultiple in the Tribulant Newsletters plugin before 4.6.19 for WordPress allows directory traversal with resultant remote PHP code execution via the subscribers[1][1] parameter in conjunction with an exportfile=../ value. |
| 42 | CVE-2019-14751 | 22 | | Dir. Trav. | 2019-08-22 | 2019-08-29 | 5.0 | None | Remote | Low | Not required | None | Partial | None | NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during extraction. |
| 43 | CVE-2019-14701 | 22 | | DoS Dir. Trav. | 2019-08-06 | 2019-08-13 | 5.0 | None | Remote | Low | Not required | None | None | Partial | An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker can trigger read operations on an arbitrary file via Path Traversal in the TZ parameter, but cannot retrieve the data that is read. This causes a denial of service if the filename is, for example, /dev/random. |
| 44 | CVE-2019-14700 | 22 | | Dir. Trav. | 2019-08-06 | 2019-08-13 | 5.0 | None | Remote | Low | Not required | Partial | None | None | An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. There is disclosure of the existence of arbitrary files via Path Traversal in HTTPD. This occurs because the filename specified in the TZ parameter is accessed with a substantial delay if that file exists. |
| 45 | CVE-2019-14530 | 22 | | Dir. Trav. | 2019-08-13 | 2019-08-19 | 4.0 | None | Remote | Low | Single system | Partial | None | None | An issue was discovered in custom/ajax_download.php in OpenEMR before 5.0.2 via the fileName parameter. An attacker can download any file (that is readable by the user www-data) from server storage. If the requested file is writable for the www-data user and the directory /var/www/openemr/sites/default/documents/cqm_qrda/ exists, it will be deleted from server. |
| 46 | CVE-2019-14521 | 22 | | Dir. Trav. | 2019-08-05 | 2019-08-13 | 5.0 | None | Remote | Low | Not required | None | Partial | None | The api/admin/logoupload Logo File upload feature in EMCA Energy Logserver 6.1.2 allows attackers to send any kind of file to any location on the server via path traversal in the filename parameter. |
| 47 | CVE-2019-14452 | 22 | | Dir. Trav. | 2019-07-30 | 2019-08-05 | 5.0 | None | Remote | Low | Not required | None | Partial | None | Sigil before 0.9.16 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction. |
| 48 | CVE-2019-14418 | 22 | | Dir. Trav. | 2019-07-29 | 2019-10-09 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. When uploading an application bundle, a directory traversal vulnerability allows a VRP user with sufficient privileges to overwrite any file in the VRP virtual machine. A malicious VRP user could use this to replace existing files to take control of the VRP virtual machine. |
| 49 | CVE-2019-14362 | 22 | | Dir. Trav. | 2019-07-28 | 2019-08-14 | 5.5 | None | Remote | Low | Single system | Partial | Partial | None | Openbravo ERP before 3.0PR19Q1.3 is affected by Directory Traversal. This vulnerability could allow remote authenticated attackers to replace a file on the server via the getAttachmentDirectoryForNewAttachment inpKey value. |
| 50 | CVE-2019-14322 | 22 | | Dir. Trav. | 2019-07-28 | 2019-08-06 | 5.0 | None | Remote | Low | Not required | Partial | None | None | In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames. |