Search Results (9667 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-25046 1 Cloudfoundry 1 Archiver 2025-04-11 9.1 Critical
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
CVE-2024-57549 1 Cmsimple 1 Cmsimple 2025-04-11 7.5 High
CMSimple 5.16 allows the user to read cms source code through manipulation of the file name in the file parameter of a GET request.
CVE-2022-44564 1 Huawei 2 Aslan-al10, Aslan-al10 Firmware 2025-04-11 7.8 High
Huawei Aslan Children's Watch has a path traversal vulnerability. Successful exploitation may allow attackers to access or modify protected system resources.
CVE-2020-36566 1 Tar-utils Project 1 Tar-utils 2025-04-11 9.1 Critical
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
CVE-2020-36561 1 Unzip Project 1 Unzip 2025-04-11 9.1 Critical
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
CVE-2020-36560 1 Go-unzip Project 1 Go-unzip 2025-04-11 9.1 Critical
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
CVE-2020-36559 1 Aahframework 1 Aah 2025-04-11 7.5 High
Due to improper sanitization of user input, HTTPEngine.Handle allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read.
CVE-2024-37231 1 Salonbookingsystem 1 Salon Booking System 2025-04-11 8.6 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salon Booking System Salon booking system allows File Manipulation.This issue affects Salon booking system: from n/a through 9.9.
CVE-2023-35947 1 Gradle 1 Gradle 2025-04-11 6.9 Medium
Gradle is a build tool with a focus on build automation and support for multi-language development. In affected versions when unpacking Tar archives, Gradle did not check that files could be written outside of the unpack location. This could lead to important files being overwritten anywhere the Gradle process has write permissions. For a build reading Tar entries from a Tar archive, this issue could allow Gradle to disclose information from sensitive files through an arbitrary file read. To exploit this behavior, an attacker needs to either control the source of an archive already used by the build or modify the build to interact with a malicious archive. It is unlikely that this would go unnoticed. A fix has been released in Gradle 7.6.2 and 8.2 to protect against this vulnerability. Starting from these versions, Gradle will refuse to handle Tar archives which contain path traversal elements in a Tar entry name. Users are advised to upgrade. There are no known workarounds for this vulnerability. ### Impact This is a path traversal vulnerability when Gradle deals with Tar archives, often referenced as TarSlip, a variant of ZipSlip. * When unpacking Tar archives, Gradle did not check that files could be written outside of the unpack location. This could lead to important files being overwritten anywhere the Gradle process has write permissions. * For a build reading Tar entries from a Tar archive, this issue could allow Gradle to disclose information from sensitive files through an arbitrary file read. To exploit this behavior, an attacker needs to either control the source of an archive already used by the build or modify the build to interact with a malicious archive. It is unlikely that this would go unnoticed. Gradle uses Tar archives for its [Build Cache](https://docs.gradle.org/current/userguide/build_cache.html). These archives are safe when created by Gradle. But if an attacker had control of a remote build cache server, they could inject malicious build cache entries that leverage this vulnerability. This attack vector could also be exploited if a man-in-the-middle can be performed between the remote cache and the build. ### Patches A fix has been released in Gradle 7.6.2 and 8.2 to protect against this vulnerability. Starting from these versions, Gradle will refuse to handle Tar archives which contain path traversal elements in a Tar entry name. It is recommended that users upgrade to a patched version. ### Workarounds There is no workaround. * If your build deals with Tar archives that you do not fully trust, you need to inspect them to confirm they do not attempt to leverage this vulnerability. * If you use the Gradle remote build cache, make sure only trusted parties have write access to it and that connections to the remote cache are properly secured. ### References * [CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')](https://cwe.mitre.org/data/definitions/22.html) * [Gradle Build Cache](https://docs.gradle.org/current/userguide/build_cache.html) * [ZipSlip](https://security.snyk.io/research/zip-slip-vulnerability)
CVE-2013-5301 1 Trustport 1 Webfilter 2025-04-11 N/A
Directory traversal vulnerability in help.php in Trustport Webfilter 5.5.0.2232 allows remote attackers to read arbitrary files via a .. (dot dot) in the hf parameter.
CVE-2011-4135 1 Flexerasoftware 1 Flexnet Publisher 2025-04-11 N/A
Multiple directory traversal vulnerabilities in lmgrd in Flexera FlexNet Publisher 11.10 (aka FlexNet License Server Manager) allow remote attackers to execute arbitrary code via vectors related to save, rename, and load operations on log files. NOTE: this might overlap CVE-2011-1389.
CVE-2011-1654 1 Broadcom 1 Total Defense 2025-04-11 N/A
Directory traversal vulnerability in the Heartbeat Web Service in CA.Itm.Server.ManagementWS.dll in the Management Server in CA Total Defense (TD) r12 before SE2 allows remote attackers to execute arbitrary code via directory traversal sequences in the GUID parameter in an upload request to FileUploadHandler.ashx.
CVE-2011-1589 1 Mojolicious 1 Mojolicious 2025-04-11 N/A
Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f (encoded slash dot dot slash) in a URI.
CVE-2011-2167 2 Dovecot, Redhat 2 Dovecot, Enterprise Linux 2025-04-11 N/A
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
CVE-2011-2657 1 Novell 1 Zenworks Configuration Management 2025-04-11 N/A
Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary commands via a pathname in the first argument.
CVE-2011-2643 1 Phpmyadmin 1 Phpmyadmin 2025-04-11 N/A
Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before 3.4.3.2, when configuration storage is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a MIME-type transformation parameter.
CVE-2012-6324 1 Vmware 1 Vcenter Server Appliance 2025-04-11 N/A
Directory traversal vulnerability in VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 and 5.1 before Patch 1 allows remote authenticated users to read arbitrary files via unspecified vectors.
CVE-2012-0419 1 Novell 1 Groupwise 2025-04-11 N/A
Directory traversal vulnerability in the agent HTTP interfaces in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to read arbitrary files via directory traversal sequences in a request.
CVE-2007-6736 1 G.rodola 1 Pyftpdlib 2025-04-11 N/A
Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.2.0 allow remote authenticated users to access arbitrary files and directories via a .. (dot dot) in a (1) LIST, (2) STOR, or (3) RETR command.
CVE-2012-1024 1 Dream-multimedia-tv 1 Enigma2 Webinterface 2025-04-11 N/A
Directory traversal vulnerability in file in Enigma2 Webinterface 1.5rc1 and 1.5beta4 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.