Total
7067 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-46886 | 1 Dreamer Cms Project | 1 Dreamer Cms | 2024-11-21 | 9.1 Critical |
| Dreamer CMS before version 4.0.1 is vulnerable to Directory Traversal. Background template management allows arbitrary modification of the template file, allowing system sensitive files to be read. | ||||
| CVE-2023-46864 | 1 Peppermint | 1 Peppermint | 2024-11-21 | 5.3 Medium |
| Peppermint Ticket Management through 0.2.4 allows remote attackers to read arbitrary files via a /api/v1/ticket/1/file/download?filepath=../ POST request. | ||||
| CVE-2023-46863 | 1 Peppermint | 1 Peppermint | 2024-11-21 | 7.5 High |
| Peppermint Ticket Management before 0.2.4 allows remote attackers to read arbitrary files via a /api/v1/users/file/download?filepath=./../ POST request. | ||||
| CVE-2023-46784 | 2024-11-21 | 8.2 High | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Server-Side Request Forgery (SSRF) vulnerability in Room 34 Creative Services, LLC ICS Calendar ics-calendar allows Absolute Path Traversal, : Server Side Request Forgery.This issue affects ICS Calendar: from n/a through 10.12.0.3. | ||||
| CVE-2023-46749 | 2 Apache, Redhat | 2 Shiro, Jboss Fuse | 2024-11-21 | 6.5 Medium |
| Apache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+, or ensure `blockSemicolon` is enabled (this is the default). | ||||
| CVE-2023-46690 | 1 Deltaww | 1 Infrasuite Device Master | 2024-11-21 | 8.8 High |
| In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an attacker to write to any file to any location of the filesystem, which could lead to remote code execution. | ||||
| CVE-2023-46645 | 1 Github | 1 Enterprise Server | 2024-11-21 | 6.8 Medium |
| A path traversal vulnerability was identified in GitHub Enterprise Server that allowed arbitrary file reading when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.7.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1. This vulnerability was reported via the GitHub Bug Bounty program. | ||||
| CVE-2023-46497 | 1 Evershop | 1 Evershop | 2024-11-21 | 5.4 Medium |
| Directory Traversal vulnerability in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information via a crafted request to the mkdirSync function in the folderCreate/createFolder.js endpoint. | ||||
| CVE-2023-46496 | 1 Evershop | 1 Evershop | 2024-11-21 | 8.3 High |
| Directory Traversal vulnerability in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information via a crafted request to the DELETE function in api/files endpoint. | ||||
| CVE-2023-46493 | 1 Evershop | 1 Evershop | 2024-11-21 | 5.3 Medium |
| Directory Traversal vulnerability in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information via a crafted request to the readDirSync function in fileBrowser/browser.js. | ||||
| CVE-2023-46455 | 1 Gl-inet | 2 Gl-ar300m, Gl-ar300m Firmware | 2024-11-21 | 7.5 High |
| In GL.iNET GL-AR300M routers with firmware v4.3.7 it is possible to write arbitrary files through a path traversal attack in the OpenVPN client file upload functionality. | ||||
| CVE-2023-46346 | 1 Myprestamodules | 1 Exportproducts | 2024-11-21 | 7.5 High |
| In the module "Product Catalog (CSV, Excel, XML) Export PRO" (exportproducts) in versions up to 4.1.1 from MyPrestaModules for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a guest can perform a path traversal to view all files on the information system. | ||||
| CVE-2023-46307 | 1 Buddho | 1 Etcd Browser | 2024-11-21 | 7.5 High |
| An issue was discovered in server.js in etcd-browser 87ae63d75260. By supplying a /../../../ Directory Traversal input to the URL's GET request while connecting to the remote server port specified during setup, an attacker can retrieve local operating system files from the remote system. | ||||
| CVE-2023-46253 | 1 Squidex.io | 1 Squidex | 2024-11-21 | 9.1 Critical |
| Squidex is an open source headless CMS and content management hub. Affected versions are subject to an arbitrary file write vulnerability in the backup restore feature which allows an authenticated attacker to gain remote code execution (RCE). Squidex allows users with the `squidex.admin.restore` permission to create and restore backups. Part of these backups are the assets uploaded to an App. For each asset, the backup zip archive contains a `.asset` file with the actual content of the asset as well as a related `AssetCreatedEventV2` event, which is stored in a JSON file. Amongst other things, the JSON file contains the event type (`AssetCreatedEventV2`), the ID of the asset (`46c05041-9588-4179-b5eb-ddfcd9463e1e`), its filename (`test.txt`), and its file version (`0`). When a backup with this event is restored, the `BackupAssets.ReadAssetAsync` method is responsible for re-creating the asset. For this purpose, it determines the name of the `.asset` file in the zip archive, reads its content, and stores the content in the filestore. When the asset is stored in the filestore via the UploadAsync method, the assetId and fileVersion are passed as arguments. These are further passed to the method GetFileName, which determines the filename where the asset should be stored. The assetId is inserted into the filename without any sanitization and an attacker with squidex.admin.restore privileges to run arbitrary operating system commands on the underlying server (RCE). | ||||
| CVE-2023-46237 | 1 Fogproject | 1 Fogproject | 2024-11-21 | 5.8 Medium |
| FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Prior to version 1.5.10, an endpoint intended to offer limited enumeration abilities to authenticated users was accessible to unauthenticated users. This enabled unauthenticated users to discover files and their respective paths that were visible to the Apache user group. Version 1.5.10 contains a patch for this issue. | ||||
| CVE-2023-46205 | 2024-11-21 | 7.1 High | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Brainstorm Force Ultimate Addons for WPBakery Page Builder allows PHP Local File Inclusion.This issue affects Ultimate Addons for WPBakery Page Builder: from n/a through 3.19.14. | ||||
| CVE-2023-46197 | 2024-11-21 | 8.8 High | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in supsystic.Com Popup by Supsystic allows Relative Path Traversal.This issue affects Popup by Supsystic: from n/a through 1.10.19. | ||||
| CVE-2023-46177 | 1 Ibm | 1 Mq Appliance | 2024-11-21 | 6.5 Medium |
| IBM MQ Appliance 9.3 LTS and 9.3 CD could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to view arbitrary files on the system. IBM X-Force ID: 269536. | ||||
| CVE-2023-46122 | 1 Scala-sbt | 2 Io, Sbt | 2024-11-21 | 3.9 Low |
| sbt is a build tool for Scala, Java, and others. Given a specially crafted zip or JAR file, `IO.unzip` allows writing of arbitrary file. This would have potential to overwrite `/root/.ssh/authorized_keys`. Within sbt's main code, `IO.unzip` is used in `pullRemoteCache` task and `Resolvers.remote`; however many projects use `IO.unzip(...)` directly to implement custom tasks. This vulnerability has been patched in version 1.9.7. | ||||
| CVE-2023-46119 | 1 Parseplatform | 1 Parse-server | 2024-11-21 | 7.5 High |
| Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Parse Server crashes when uploading a file without extension. This vulnerability has been patched in versions 5.5.6 and 6.3.1. | ||||