• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-22

CVE-2022-27043

February 23, 2023 by godfreyd94

Yearning versions 2.3.1 and 2.3.2 Interstellar GA and 2.3.4 – 2.3.6 Neptune is vulnerable to Directory Traversal.

CVE-2022-26960

February 23, 2023 by godfreyd94

connector.minimal.php in std42 elFinder through 2.1.60 is affected by path traversal. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths.

CVE-2022-26884

February 23, 2023 by godfreyd94

Users can read any files by log server, Apache DolphinScheduler users should upgrade to version 2.0.6 or higher.

CVE-2022-26889

February 23, 2023 by godfreyd94

In Splunk Enterprise versions before 8.1.2, the uri path to load a relative resource within a web page is vulnerable to path traversal. It allows an attacker to potentially inject arbitrary content into the web page (e.g., HTML Injection, XSS) or bypass SPL safeguards for risky commands. The attack is browser-based. An attacker cannot exploit the attack at will and requires the attacker to initiate a request within the victim’s browser (e.g., phishing).

CVE-2022-26835

February 23, 2023 by godfreyd94

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, directory traversal vulnerabilities exist in undisclosed iControl REST endpoints and TMOS Shell (tmsh) commands in F5 BIG-IP Guided Configuration, which may allow an authenticated attacker with at least resource administrator role privileges to read arbitrary files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

CVE-2022-26675

February 23, 2023 by godfreyd94

aEnrich a+HRD has inadequate filtering for special characters in URLs. An unauthenticated remote attacker can bypass authentication and perform path traversal attacks to access arbitrary files under website root directory.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 480
  • Go to page 481
  • Go to page 482
  • Go to page 483
  • Go to page 484
  • Interim pages omitted …
  • Go to page 514
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE