• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-22

CVE-2019-19683

February 26, 2023 by

RoxyFileman, as shipped with nopCommerce v4.2.0, is vulnerable to ../ path traversal via d or f to Admin/RoxyFileman/ProcessRequest because of Libraries/Nop.Services/Media/RoxyFileman/FileRoxyFilemanService.cs.

CVE-2019-19628

February 26, 2023 by

In GitLab EE 11.3 through 12.5.3, 12.4.5, and 12.3.8, insufficient parameter sanitization for the Maven package registry could lead to privilege escalation and remote code execution vulnerabilities under certain conditions.

CVE-2019-19458

February 26, 2023 by

SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature.

CVE-2019-19459

February 26, 2023 by

An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that will be used with auto start. This allows an attacker to execute arbitrary commands on the server.

CVE-2019-19486

February 26, 2023 by

Local File Inclusion in minPlayCommand.php in Centreon (19.04.4 and below) allows an attacker to traverse paths via a plugin test.

CVE-2019-19372

February 26, 2023 by

** DISPUTED ** A downloadFile.php download_file path traversal vulnerability in rConfig through 3.9.3 allows attackers to list files in arbitrary folders and potentially download files. NOTE: the discoverer later reported that there was not a “fully working exploit.”

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 279
  • Go to page 280
  • Go to page 281
  • Go to page 282
  • Go to page 283
  • Interim pages omitted …
  • Go to page 514
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE