• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-22

CVE-2019-8411

February 26, 2023 by

admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote attackers to delete arbitrary files via action=del&filename=../ directory traversal.

CVE-2019-8412

February 26, 2023 by

FeiFeiCms 4.0.181010 on Windows allows remote attackers to read or delete arbitrary files via index.php?s=Admin-Data-Down-id-.. or index.php?s=Admin-Data-Del-id-.. directory traversal.

CVE-2019-8358

February 26, 2023 by

In Hiawatha before 10.8.4, a remote attacker is able to do directory traversal if AllowDotFiles is enabled.

CVE-2019-8385

February 26, 2023 by

An issue was discovered in Thomson Reuters Desktop Extensions 1.9.0.358. An unauthenticated directory traversal and local file inclusion vulnerability in the ThomsonReuters.Desktop.Service.exe and ThomsonReuters.Desktop.exe allows a remote attacker to list or enumerate sensitive contents of files via a .. to port 6677. Additionally, this could allow for privilege escalation by dumping the affected machine’s SAM and SYSTEM database files, as well as remote code execution.

CVE-2019-8389

February 26, 2023 by

A file-read vulnerability was identified in the Wi-Fi transfer feature of Musicloud 1.6. By default, the application runs a transfer service on port 8080, accessible by everyone on the same Wi-Fi network. An attacker can send the POST parameters downfiles and cur-folder (with a crafted ../ payload) to the download.script endpoint. This will create a MusicPlayerArchive.zip archive that is publicly accessible and includes the content of any requested file (such as the /etc/passwd file).

CVE-2019-8395

February 26, 2023 by

An Insecure Direct Object Reference (IDOR) vulnerability exists in Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10007 via an attachment to a request.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 260
  • Go to page 261
  • Go to page 262
  • Go to page 263
  • Go to page 264
  • Interim pages omitted …
  • Go to page 514
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE