• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-22

CVE-2019-9642

February 26, 2023 by

An issue was discovered in proxy.php in pydio-core in Pydio through 8.2.2. Through an unauthenticated request, it possible to evaluate malicious PHP code by placing it on the fourth line of a .php file, as demonstrated by a PoC.php created by the guest account, with execution via a proxy.php?hash=../../../../../var/lib/pydio/data/personal/guest/PoC.php request. This is related to plugins/action.share/src/Store/ShareStore.php.

CVE-2019-9648

February 26, 2023 by

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. A directory traversal vulnerability exists using the SIZE command along with a …. substring, allowing an attacker to enumerate file existence based on the returned information.

CVE-2019-9649

February 26, 2023 by

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal technique (….) to browse outside the root directory to determine the existence of a file on the operating system, and its last modified date.

CVE-2019-9662

February 26, 2023 by

An issue was discovered in JTBC(PHP) 3.0.1.8. Its cache management module is flawed. An arbitrary file ending in “inc.php” can be deleted via a console/cache/manage.php?type=action&action=batch&batch=delete&ids=../ substring.

CVE-2019-9607

February 26, 2023 by

PHP Scripts Mall Medical Store Script 3.0.3 allows Path Traversal by navigating to the parent directory of a jpg or png file.

CVE-2019-9610

February 26, 2023 by

An issue was discovered in OFCMS before 1.1.3. It has admin/cms/template/getTemplates.html?res_path=res&up_dir=../ directory traversal, related to the getTemplates function in TemplateController.java.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 256
  • Go to page 257
  • Go to page 258
  • Go to page 259
  • Go to page 260
  • Interim pages omitted …
  • Go to page 514
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE