• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-22

CVE-2019-12314

February 26, 2023 by

Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS.macx1.W_MCS/ PATH_INFO, as demonstrated by a cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS/etc/passwd URI.

CVE-2019-12169

February 26, 2023 by

ATutor 2.2.4 allows Arbitrary File Upload and Directory Traversal, resulting in remote code execution via a “..” pathname in a ZIP archive to the mods/_core/languages/language_import.php (aka Import New Language) or mods/_standard/patcher/index_admin.php (aka Patcher) component.

CVE-2019-12172

February 26, 2023 by

Typora 0.9.9.21.1 (1913) allows arbitrary code execution via a modified file: URL syntax in the HREF attribute of an AREA element, as demonstrated by file:\ on macOS or Linux, or file://C| on Windows. This is different from CVE-2019-12137.

CVE-2019-12173

February 26, 2023 by

MacDown 0.7.1 (870) allows remote code execution via a file:\ URI, with a .app pathname, in the HREF attribute of an A element. This is different from CVE-2019-12138.

CVE-2019-12182

February 26, 2023 by

Directory Traversal in Safescan Timemoto and TA-8000 series version 1.0 allows unauthenticated remote attackers to execute code via the administrative API.

CVE-2019-12137

February 26, 2023 by

Typora 0.9.9.24.6 on macOS allows directory traversal, for execution of arbitrary programs, via a file:/// or ../ substring in a shared note.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 307
  • Go to page 308
  • Go to page 309
  • Go to page 310
  • Go to page 311
  • Interim pages omitted …
  • Go to page 514
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE