Security Vulnerabilities Published In 2020 (Directory traversal)

An issue was discovered in the mozwire crate through 2020-08-18 for Rust. A ../ directory-traversal situation allows overwriting local files that have .conf at the end of the filename.
Max Base Score
9.1
Published 2020-12-31
Updated 2021-01-07
EPSS 0.10%
GateOne 1.1 allows arbitrary file download without authentication via /downloads/.. directory traversal because os.path.join is misused.
Max Base Score
7.5
Published 2020-12-27
Updated 2020-12-29
EPSS 1.33%
bloofoxCMS 0.5.2.1 allows admins to upload arbitrary .php files (with "Content-Type: application/octet-stream") to ../media/images/ via the admin/index.php?mode=tools&page=upload URI, aka directory traversal.
Max Base Score
4.9
Published 2020-12-25
Updated 2021-06-09
EPSS 0.06%
An issue was discovered in Joomla! 2.5.0 through 3.9.22. The folder parameter of mod_random_image lacked input validation, leading to a path traversal vulnerability.
Max Base Score
7.5
Published 2020-12-28
Updated 2020-12-30
EPSS 0.28%
ACS Advanced Comment System 1.0 is affected by Directory Traversal via an advanced_component_system/index.php?ACS_path=..%2f URI. NOTE: this might be the same as CVE-2009-4623
Max Base Score
7.5
Published 2020-12-23
Updated 2021-02-08
EPSS 10.26%
common/InputStreamHelper.java in Packwood MPXJ before 8.3.5 allows directory traversal in the zip stream handler flow, leading to the writing of files to arbitrary locations.
Max Base Score
5.3
Published 2020-12-14
Updated 2022-08-06
EPSS 0.09%
A RCE vulnerability exists in Raysync below 3.3.3.8. An unauthenticated unauthorized attacker sending a specifically crafted request to override the specific file in server with malicious content can login as "admin", then to modify specific shell file to achieve remote code execution(RCE) on the hosting server.
Max Base Score
9.3
Published 2020-12-23
Updated 2021-07-21
EPSS 1.64%
DEXT5Upload 2.7.1262310 and earlier is affected by Directory Traversal in handler/dext5handler.jsp. This could allow remote files to be downloaded via a dext5CMD=downloadRequest action with traversal in the fileVirtualPath parameter (the attacker must provide the correct fileOrgName value).
Max Base Score
7.5
Published 2020-12-26
Updated 2020-12-30
EPSS 0.46%
Flamingo (aka FlamingoIM) through 2020-09-29 allows ../ directory traversal because the only ostensibly unpredictable part of a file-transfer request is an MD5 computation; however, this computation occurs on the client side, and the computation details can be easily determined because the product's source code is available.
Max Base Score
7.5
Published 2020-12-26
Updated 2020-12-30
EPSS 0.46%
In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname (omitting the initial /etc), even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501 and CVE-2020-29600.
Max Base Score
5.3
Published 2020-12-12
Updated 2022-08-06
EPSS 0.19%
In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501.
Max Base Score
9.8
Published 2020-12-07
Updated 2021-03-04
EPSS 0.23%
HashiCorp go-slug up to 0.4.3 did not fully protect against directory traversal while unpacking tar archives, and protections could be bypassed with specific constructions of multiple symlinks. Fixed in 0.5.0.
Max Base Score
7.5
Published 2020-12-03
Updated 2021-03-08
EPSS 0.19%
An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6. It unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem locations, aka CID-ff002b30181d.
Max Base Score
6.5
Published 2020-11-28
Updated 2020-12-02
EPSS 0.05%
A Directory Traversal vulnerability exists in ATX miniCMTS200a Broadband Gateway through 2.0 and Pico CMTS through 2.0. Successful exploitation of this vulnerability would allow an unauthenticated attacker to retrieve administrator credentials by sending a malicious POST request.
Max Base Score
7.5
Published 2020-12-01
Updated 2020-12-02
EPSS 1.95%
A unauthenticated path traversal arbitrary remote file deletion vulnerability in Trend Micro Worry-Free Business Security 10 SP1 could allow an unauthenticated attacker to exploit the vulnerability and modify or delete arbitrary files on the product's management console.
Max Base Score
7.5
Published 2020-11-18
Updated 2020-12-02
EPSS 0.34%
HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker file sandbox feature may be subverted when not explicitly disabled or when using a volume mount type. Fixed in 0.12.8, 0.11.7, and 0.10.8.
Max Base Score
6.5
Published 2020-11-24
Updated 2020-12-04
EPSS 0.07%
Multiple directory traversal vulnerabilities in TerraMaster TOS <= 4.2.06 allow remote authenticated attackers to read, edit or delete any file within the filesystem via the (1) filename parameter to /tos/index.php?editor/fileGet, Event parameter to /include/ajax/logtable.php, or opt parameter to /include/core/index.php.
Max Base Score
10.0
Published 2020-12-24
Updated 2020-12-28
EPSS 1.10%
Hrsale 2.0.0 allows download?type=files&filename=../ directory traversal to read arbitrary files.
Max Base Score
5.3
Published 2020-10-29
Updated 2020-11-03
EPSS 4.76%
A path handling issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.0.1. A remote attacker may be able to modify the file system.
Max Base Score
5.5
Published 2020-12-08
Updated 2022-10-12
EPSS 0.12%
In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system utilities.
Max Base Score
9.8
Published 2020-12-11
Updated 2022-08-06
EPSS 0.43%
In BASETech GE-131 BT-1837836 firmware 20180921, the web-server on the system is configured with the option “DocumentRoot /etc“. This allows an attacker with network access to the web-server to download any files from the “/etc” folder without authentication. No path traversal sequences are needed to exploit this vulnerability.
Max Base Score
7.5
Published 2020-11-17
Updated 2020-12-01
EPSS 0.36%
util/binfmt_misc/check.go in Builder in Docker Engine before 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call.
Max Base Score
5.3
Published 2020-12-30
Updated 2021-01-05
EPSS 0.14%
Incorrect Access Control in the FileEditor (/Admin/Views/FileEditor/) in FlexDotnetCMS before v1.5.11 allows an authenticated remote attacker to read and write to existing files outside the web root. The files can be accessed via directory traversal, i.e., by entering a .. (dot dot) path such as ..\..\..\..\..\<file> in the input field of the FileEditor. In FlexDotnetCMS before v1.5.8, it is also possible to access files by specifying the full path (e.g., C:\<file>). The files can then be edited via the FileEditor.
Max Base Score
8.1
Published 2020-11-12
Updated 2021-07-21
EPSS 0.15%
Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114 (issue 3 of 3).
Max Base Score
9.8
Published 2020-10-27
Updated 2021-12-10
EPSS 2.42%
A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper validation of directory traversal character sequences within requests to an affected device. An attacker could exploit this vulnerability by sending a crafted request to the affected device. A successful exploit could allow the attacker to download arbitrary files from the affected device.
Max Base Score
9.1
Published 2020-11-17
Updated 2020-11-30
EPSS 0.53%
442 vulnerabilities found
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
This web site uses cookies for managing your session and website analytics (Google analytics) purposes as described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!