Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-7738 | 1 Yzane | 1 Markdown Pdf | 2024-09-13 | 1.7 LOW | 7.8 HIGH |
| A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0. Affected by this issue is some unknown functionality of the component Markdown File Handler. The manipulation leads to pathname traversal. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2016-15017 | 1 Ecodev | 1 Media Upload | 2024-05-17 | 5.2 MEDIUM | 9.8 CRITICAL |
| A vulnerability has been found in fabarea media_upload on TYPO3 and classified as critical. This vulnerability affects the function getUploadedFileList of the file Classes/Service/UploadFileService.php. The manipulation leads to pathname traversal. Upgrading to version 0.9.0 is able to address this issue. The patch is identified as b25d42a4981072321c1a363311d8ea2a4ac8763a. It is recommended to upgrade the affected component. VDB-217786 is the identifier assigned to this vulnerability. | |||||
| CVE-2015-10030 | 1 Surpass Project | 1 Surpass | 2024-05-17 | 5.2 MEDIUM | 5.3 MEDIUM |
| A vulnerability has been found in SUKOHI Surpass and classified as critical. This vulnerability affects unknown code of the file src/Sukohi/Surpass/Surpass.php. The manipulation of the argument dir leads to pathname traversal. Upgrading to version 1.0.0 is able to address this issue. The patch is identified as d22337d453a2a14194cdb02bf12cdf9d9f827aa7. It is recommended to upgrade the affected component. VDB-217642 is the identifier assigned to this vulnerability. | |||||
| CVE-2019-1020001 | 1 Yardoc | 1 Yard | 2024-03-06 | 5.0 MEDIUM | 7.5 HIGH |
| yard before 0.9.20 allows path traversal. | |||||
| CVE-2019-11626 | 1 Doorgets | 1 Doorgets Cms | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| routers/ajaxRouter.php in doorGets 7.0 has a web site physical path leakage vulnerability, as demonstrated by an ajax/index.php?uri=1234%5c request. | |||||
| CVE-2016-1505 | 2 Microsoft, Radicale | 2 Windows, Radicale | 2024-02-04 | 7.5 HIGH | 10.0 CRITICAL |
| The filesystem storage backend in Radicale before 1.1 on Windows allows remote attackers to read or write to arbitrary files via a crafted path, as demonstrated by /c:/file/ignore. | |||||
| CVE-2014-2232 | 1 Infoware | 1 Mapsuite | 2024-02-04 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in the MapAPI in Infoware MapSuite before 1.0.36 and 1.1.x before 1.1.49 allows remote attackers to read arbitrary files via unspecified vectors. | |||||