Total
7397 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-24363 | 1 10web | 1 Photo Gallery | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.75 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images/SVG anywhere in the filesystem via a path traversal vector | |||||
| CVE-2021-24242 | 1 Themeum | 1 Tutor Lms | 2024-11-21 | 5.5 MEDIUM | 3.8 LOW |
| The Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.8 is affected by a local file inclusion vulnerability through the maliciously constructed sub_page parameter of the plugin's Tools, allowing high privilege users to include any local php file | |||||
| CVE-2021-24013 | 1 Fortinet | 1 Fortimail | 2024-11-21 | 4.0 MEDIUM | 8.8 HIGH |
| Multiple Path traversal vulnerabilities in the Webmail of FortiMail before 6.4.4 may allow a regular user to obtain unauthorized access to files and data via specifically crafted web requests. | |||||
| CVE-2021-24010 | 1 Fortinet | 1 Fortisandbox | 2024-11-21 | 4.0 MEDIUM | 8.1 HIGH |
| Improper limitation of a pathname to a restricted directory vulnerabilities in FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 through 3.1.4 may allow an authenticated user to obtain unauthorized access to files and data via specifially crafted web requests. | |||||
| CVE-2021-23797 | 1 Http-server-node Project | 1 Http-server-node | 2024-11-21 | 7.5 HIGH | 7.5 HIGH |
| All versions of package http-server-node are vulnerable to Directory Traversal via use of --path-as-is. | |||||
| CVE-2021-23631 | 1 Convert-svg-core Project | 1 Convert-svg-core | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| This affects all versions of package convert-svg-core; all versions of package convert-svg-to-png; all versions of package convert-svg-to-jpeg. Using a specially crafted SVG file, an attacker could read arbitrary files from the file system and then show the file content as a converted PNG file. | |||||
| CVE-2021-23520 | 1 Juce | 1 Juce | 2024-11-21 | 7.5 HIGH | 5.5 MEDIUM |
| The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) via the ZipFile::uncompressEntry function in juce_ZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo() on a ZipFile object. | |||||
| CVE-2021-23514 | 1 Crowcpp | 1 Crow | 2024-11-21 | 5.0 MEDIUM | 6.5 MEDIUM |
| This affects the package Crow before 0.3+4. It is possible to traverse directories to fetch arbitrary files from the server. | |||||
| CVE-2021-23484 | 1 Zip-local Project | 1 Zip-local | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The package zip-local before 0.3.5 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) which can lead to an extraction of a crafted file outside the intended extraction directory. | |||||
| CVE-2021-23430 | 1 Startserver Project | 1 Startserver | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| All versions of package startserver are vulnerable to Directory Traversal due to missing sanitization. | |||||
| CVE-2021-23427 | 1 Elfinder.netcore Project | 1 Elfinder.netcore | 2024-11-21 | 7.5 HIGH | 8.6 HIGH |
| This affects all versions of package elFinder.NetCore. The ExtractAsync function within the FileSystem is vulnerable to arbitrary extraction due to insufficient validation. | |||||
| CVE-2021-23423 | 1 Bikeshed Project | 1 Bikeshed | 2024-11-21 | 5.0 MEDIUM | 5.5 MEDIUM |
| This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing include, include-code or include-raw block is processed. The contents of arbitrary files could be disclosed in the HTML output. | |||||
| CVE-2021-23415 | 1 Elfinder.aspnet Project | 1 Elfinder.aspnet | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| This affects the package elFinder.AspNet before 1.1.1. The user-controlled file name is not properly sanitized before it is used to create a file system path. | |||||
| CVE-2021-23407 | 1 Elfinder.net.core Project | 1 Elfinder.net.core | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| This affects the package elFinder.Net.Core from 0 and before 1.2.4. The user-controlled file name is not properly sanitized before it is used to create a file system path. | |||||
| CVE-2021-23391 | 1 Calipso Project | 1 Calipso | 2024-11-21 | 3.6 LOW | 7.3 HIGH |
| This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality. | |||||
| CVE-2021-23357 | 1 Tyk | 1 Tyk | 2024-11-21 | 4.6 MEDIUM | 3.3 LOW |
| All versions of package github.com/tyktechnologies/tyk/gateway are vulnerable to Directory Traversal via the handleAddOrUpdateApi function. This function is able to delete arbitrary JSON files on the disk where Tyk is running via the management API. The APIID is provided by the user and this value is then used to create a file on disk. If there is a file found with the same name then it will be deleted and then re-created with the contents of the API creation request. | |||||
| CVE-2021-23340 | 1 Pimcore | 1 Pimcore | 2024-11-21 | 5.5 MEDIUM | 7.1 HIGH |
| This affects the package pimcore/pimcore before 6.8.8. A Local FIle Inclusion vulnerability exists in the downloadCsvAction function of the CustomReportController class (bundles/AdminBundle/Controller/Reports/CustomReportController.php). An authenticated user can reach this function with a GET request at the following endpoint: /admin/reports/custom-report/download-csv?exportFile=&91;filename]. Since exportFile variable is not sanitized, an attacker can exploit a local file inclusion vulnerability. | |||||
| CVE-2021-23242 | 1 Mercusys | 2 Mercury X18g, Mercury X18g Firmware | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| MERCUSYS Mercury X18G 1.0.5 devices allow Directory Traversal via ../ to the UPnP server, as demonstrated by the /../../conf/template/uhttpd.json URI. | |||||
| CVE-2021-23241 | 1 Mercusys | 2 Mercury X18g, Mercury X18g Firmware | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| MERCUSYS Mercury X18G 1.0.5 devices allow Directory Traversal via ../ in conjunction with a loginLess or login.htm URI (for authentication bypass) to the web server, as demonstrated by the /loginLess/../../etc/passwd URI. | |||||
| CVE-2021-23043 | 1 F5 | 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| On BIG-IP, on all versions of 16.1.x, 16.0.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x, a directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to access arbitrary files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||