Total
7201 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-45178 | 2024-11-21 | N/A | 7.1 HIGH | ||
| An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper user input validation, it is possible to download arbitrary files from the C-MOR system via a path traversal attack. It was found out that different functionalities are vulnerable to path traversal attacks, due to insufficient user input validation. For instance, the download functionality for backups provided by the script download-bkf.pml is vulnerable to a path traversal attack via the parameter bkf. This enables an authenticated user to download arbitrary files as Linux user www-data from the C-MOR system. Another path traversal attack is in the script show-movies.pml, which can be exploited via the parameter cam. | |||||
| CVE-2024-45175 | 2024-11-21 | N/A | 8.8 HIGH | ||
| An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Sensitive information is stored in cleartext. It was found out that sensitive information, for example login credentials of cameras, is stored in cleartext. Thus, an attacker with filesystem access, for example exploiting a path traversal attack, has access to the login data of all configured cameras, or the configured FTP server. | |||||
| CVE-2024-44625 | 1 Gogs | 1 Gogs | 2024-11-21 | N/A | 8.8 HIGH |
| Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePost function of internal/route/repo/editor.go. | |||||
| CVE-2024-42007 | 2024-11-21 | N/A | 5.8 MEDIUM | ||
| SPX (aka php-spx) through 0.4.15 allows SPX_UI_URI Directory Traversal to read arbitrary files. | |||||
| CVE-2024-41799 | 2024-11-21 | N/A | 8.4 HIGH | ||
| tgstation-server is a production scale tool for BYOND server management. Prior to 6.8.0, low permission users using the "Set .dme Path" privilege could potentially set malicious .dme files existing on the host machine to be compiled and executed. These .dme files could be uploaded via tgstation-server (requiring a separate, isolated privilege) or some other means. A server configured to execute in BYOND's trusted security level (requiring a third separate, isolated privilege OR being set by another user) could lead to this escalating into remote code execution via BYOND's shell() proc. The ability to execute this kind of attack is a known side effect of having privileged TGS users, but normally requires multiple privileges with known weaknesses. This vector is not intentional as it does not require control over the where deployment code is sourced from and _may_ not require remote write access to an instance's `Configuration` directory. This problem is fixed in versions 6.8.0 and above. | |||||
| CVE-2024-41704 | 1 Librechat | 1 Librechat | 2024-11-21 | N/A | 9.8 CRITICAL |
| LibreChat through 0.7.4-rc1 does not validate the normalized pathnames of images. | |||||
| CVE-2024-41695 | 2024-11-21 | N/A | 7.5 HIGH | ||
| Cybonet - CWE-22: Improper Limitation of a Pathname to a Restricted Directory | |||||
| CVE-2024-41628 | 2024-11-21 | N/A | 7.5 HIGH | ||
| Directory Traversal vulnerability in Severalnines Cluster Control 1.9.8 before 1.9.8-9778, 2.0.0 before 2.0.0-9779, and 2.1.0 before 2.1.0-9780 allows a remote attacker to include and display file content in an HTTP request via the CMON API. | |||||
| CVE-2024-40617 | 1 Fujitsu | 2 Network Edgiot Gw1500, Network Edgiot Gw1500 Firmware | 2024-11-21 | N/A | 6.5 MEDIUM |
| Path traversal vulnerability exists in FUJITSU Network Edgiot GW1500 (M2M-GW for FENICS). If a remote authenticated attacker with User Class privilege sends a specially crafted request to the affected product, access restricted files containing sensitive information may be accessed. As a result, Administrator Class privileges of the product may be hijacked. | |||||
| CVE-2024-40550 | 1 Publiccms | 1 Publiccms | 2024-11-21 | N/A | 8.8 HIGH |
| An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlaceMetaData of Public CMS v.4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file. | |||||
| CVE-2024-40524 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| Directory Traversal vulnerability in xmind2testcase v.1.5 allows a remote attacker to execute arbitrary code via the webtool\application.py component. | |||||
| CVE-2024-40348 | 2024-11-21 | N/A | 8.2 HIGH | ||
| An issue in the component /api/swaggerui/static of Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal. | |||||
| CVE-2024-40051 | 1 Ip-guard | 1 Ip-guard | 2024-11-21 | N/A | 7.5 HIGH |
| IP Guard v4.81.0307.0 was discovered to contain an arbitrary file read vulnerability via the file name parameter. | |||||
| CVE-2024-3934 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| The Mercado Pago payments for WooCommerce plugin for WordPress is vulnerable to Path Traversal in versions 7.3.0 to 7.5.1 via the mercadopagoDownloadLog function. This makes it possible for authenticated attackers, with subscriber-level access and above, to download and read the contents of arbitrary files on the server, which can contain sensitive information. The arbitrary file download was patched in 7.5.1, while the missing authorization was corrected in version 7.6.2. | |||||
| CVE-2024-3737 | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM | ||
| A vulnerability was found in cym1102 nginxWebUI up to 3.9.9. It has been rated as critical. Affected by this issue is the function findCountByQuery of the file /adminPage/www/addOver. The manipulation of the argument dir leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260576. | |||||
| CVE-2024-3571 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| langchain-ai/langchain is vulnerable to path traversal due to improper limitation of a pathname to a restricted directory ('Path Traversal') in its LocalFileStore functionality. An attacker can leverage this vulnerability to read or write files anywhere on the filesystem, potentially leading to information disclosure or remote code execution. The issue lies in the handling of file paths in the mset and mget methods, where user-supplied input is not adequately sanitized, allowing directory traversal sequences to reach unintended directories. | |||||
| CVE-2024-3429 | 1 Lollms | 1 Lollms | 2024-11-21 | N/A | 9.8 CRITICAL |
| A path traversal vulnerability exists in the parisneo/lollms application, specifically within the `sanitize_path_from_endpoint` and `sanitize_path` functions in `lollms_core\lollms\security.py`. This vulnerability allows for arbitrary file reading when the application is running on Windows. The issue arises due to insufficient sanitization of user-supplied input, enabling attackers to bypass the path traversal protection mechanisms by crafting malicious input. Successful exploitation could lead to unauthorized access to sensitive files, information disclosure, and potentially a denial of service (DoS) condition by including numerous large or resource-intensive files. This vulnerability affects the latest version prior to 9.6. | |||||
| CVE-2024-3403 | 2024-11-21 | N/A | 7.5 HIGH | ||
| imartinez/privategpt version 0.2.0 is vulnerable to a local file inclusion vulnerability that allows attackers to read arbitrary files from the filesystem. By manipulating file upload functionality to ingest arbitrary local files, attackers can exploit the 'Search in Docs' feature or query the AI to retrieve or disclose the contents of any file on the system. This vulnerability could lead to various impacts, including but not limited to remote code execution by obtaining private SSH keys, unauthorized access to private files, source code disclosure facilitating further attacks, and exposure of configuration files. | |||||
| CVE-2024-3322 | 1 Lollms | 1 Lollms Web Ui | 2024-11-21 | N/A | 9.8 CRITICAL |
| A path traversal vulnerability exists in the 'cyber_security/codeguard' native personality of the parisneo/lollms-webui, affecting versions up to 9.5. The vulnerability arises from the improper limitation of a pathname to a restricted directory in the 'process_folder' function within 'lollms-webui/zoos/personalities_zoo/cyber_security/codeguard/scripts/processor.py'. Specifically, the function fails to properly sanitize user-supplied input for the 'code_folder_path', allowing an attacker to specify arbitrary paths using '../' or absolute paths. This flaw leads to arbitrary file read and overwrite capabilities in specified directories without limitations, posing a significant risk of sensitive information disclosure and unauthorized file manipulation. | |||||
| CVE-2024-3318 | 2024-11-21 | N/A | 4.2 MEDIUM | ||
| A file path traversal vulnerability was identified in the DelimitedFileConnector Cloud Connector that allowed an authenticated administrator to set arbitrary connector attributes, including the “file“ attribute, which in turn allowed the user to access files uploaded for other sources. | |||||