Vulnerabilities (CVE)

Filtered by CWE-23
Total 150 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-34605 1 Xinje 1 Xd\/e Series Plc Program Tool 2024-11-21 6.0 MEDIUM 7.3 HIGH
A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide an attacker with arbitrary file write privilege when opening a specially-crafted project file. This vulnerability can be triggered by manually opening an infected project file, or by initiating an upload program request from an infected Xinje PLC. This can result in remote code execution, information disclosure and denial of service of the system running the XINJE XD/E Series PLC Program Tool.
CVE-2021-29488 4 Apple, Linux, Microsoft and 1 more 4 Macos, Linux Kernel, Windows and 1 more 2024-11-21 5.0 MEDIUM 4.3 MEDIUM
SABnzbd is an open source binary newsreader. A vulnerability was discovered in SABnzbd that could trick the `filesystem.renamer()` function into writing downloaded files outside the configured Download Folder via malicious PAR2 files. A patch was released as part of SABnzbd 3.2.1RC1. As a workaround, limit downloads to NZBs without PAR2 files, deny write permissions to the SABnzbd process outside areas it must access to perform its job, or update to a fixed version.
CVE-2020-25172 1 Bbraun 1 Onlinesuite Application Package 2024-11-21 7.5 HIGH 9.8 CRITICAL
A relative path traversal attack in the B. Braun OnlineSuite Version AP 3.0 and earlier allows unauthenticated attackers to upload or download arbitrary files.
CVE-2019-19287 1 Siemens 1 Xhq 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow attackers to traverse through the file system of the server based by sending specially crafted packets over the network without authentication.
CVE-2019-18338 1 Siemens 2 Sinvr 3 Central Control Server, Sinvr 3 Video Server 2024-11-21 4.0 MEDIUM 7.7 HIGH
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contains a directory traversal vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker with network access to the CCS server could exploit this vulnerability to list arbitrary directories or read files outside of the CCS application context.
CVE-2024-11309 1 Trcore 1 Dvc 2024-11-20 N/A 7.5 HIGH
The DVC from TRCore has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files.
CVE-2024-11310 1 Trcore 1 Dvc 2024-11-20 N/A 7.5 HIGH
The DVC from TRCore has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files.
CVE-2024-11311 1 Trcore 1 Dvc 2024-11-20 N/A 9.8 CRITICAL
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells.
CVE-2024-11312 1 Trcore 1 Dvc 2024-11-20 N/A 9.8 CRITICAL
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells.
CVE-2024-11313 1 Trcore 1 Dvc 2024-11-20 N/A 9.8 CRITICAL
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells.
CVE-2024-11314 1 Trcore 1 Dvc 2024-11-20 N/A 9.8 CRITICAL
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells.
CVE-2024-11315 1 Trcore 1 Dvc 2024-11-20 N/A 9.8 CRITICAL
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells.
CVE-2024-6985 1 Lollms 1 Lollms 2024-11-15 N/A 4.4 MEDIUM
A path traversal vulnerability exists in the api open_personality_folder endpoint of parisneo/lollms-webui. This vulnerability allows an attacker to read any folder in the personality_folder on the victim's computer, even though sanitize_path is set. The issue arises due to improper sanitization of the personality_folder parameter, which can be exploited to traverse directories and access arbitrary files.
CVE-2024-47769 1 Idurarapp 1 Idurar 2024-11-13 N/A 7.5 HIGH
IDURAR is open source ERP CRM accounting invoicing software. The vulnerability exists in the corePublicRouter.js file. Using the reference usage here, it is identified that the public endpoint is accessible to an unauthenticated user. The user's input is directly appended to the join statement without additional checks. This allows an attacker to send URL encoded malicious payload. The directory structure can be escaped to read system files by adding an encoded string (payload) at subpath location.
CVE-2024-10200 1 Wellchoose 1 Administrative Management System 2024-10-24 N/A 7.5 HIGH
Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to download arbitrary files on the server.
CVE-2024-9923 1 Teamplus 1 Team\+ Pro 2024-10-24 N/A 4.9 MEDIUM
The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with administrator privileges to move arbitrary system files to the website root directory and access them.
CVE-2024-9922 1 Teamplus 1 Team\+ Pro 2024-10-24 N/A 7.5 HIGH
The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files.
CVE-2024-43614 1 Microsoft 1 Defender For Endpoint 2024-10-21 N/A 5.5 MEDIUM
Microsoft Defender for Endpoint for Linux Spoofing Vulnerability
CVE-2024-45731 2 Microsoft, Splunk 2 Windows, Splunk 2024-10-17 N/A 8.0 HIGH
In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could write a file to the Windows system root directory, which has a default location in the Windows System32 folder, when Splunk Enterprise for Windows is installed on a separate drive.
CVE-2024-9983 1 Ragic 1 Enterprise Cloud Database 2024-10-16 N/A 7.5 HIGH
Enterprise Cloud Database from Ragic does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files.