CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2019(Directory Traversal)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-1010309 Exec Code Dir. Trav. 2019-07-12 2019-07-12
0.0
None ??? ??? ??? ??? ??? ???
pacman prior to version 5.1.3 is affected by: Directory Traversal. The impact is: arbitrary file placement potentially leading to arbitrary root code execution. The component is: installing a remote package via a specified URL "pacman -U <url>". The problem was located in function curl_download_internal in lib/libalpm/dload.c line 535. The attack vector is: the victim must install a remote package via a specified URL from a malicious server (or a network MitM if downloading over HTTP). The fixed version is: 5.1.3 via commit 9702703633bec2c007730006de2aeec8587dfc84.
2 CVE-2019-1010257 22 Dir. Trav. 2019-03-27 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
An Information Disclosure / Data Modification issue exists in article2pdf_getfile.php in the article2pdf Wordpress plugin 0.24, 0.25, 0.26, 0.27. A URL can be constructed which allows overriding the PDF file's path leading to any PDF whose path is known and which is readable to the web server can be downloaded. The file will be deleted after download if the web server has permission to do so. For PHP versions before 5.3, any file can be read by null terminating the string left of the file extension.
3 CVE-2019-1010205 22 Dir. Trav. 2019-07-23 2019-07-26
5.0
None Remote Low Not required Partial None None
LINAGORA hublin latest (commit 72ead897082403126bf8df9264e70f0a9de247ff) is affected by: Directory Traversal. The impact is: The vulnerability allows an attacker to access any file (with a fixed extension) on the server. The component is: A web-view renderer; details here: https://lgtm.com/projects/g/linagora/hublin/snapshot/af9f1ce253b4ee923ff8da8f9d908d02a8e95b7f/files/backend/webserver/views.js?sort=name&dir=ASC&mode=heatmap&showExcluded=false#xb24eb0101d2aec21:1. The attack vector is: Attacker sends a specially crafted HTTP request.
4 CVE-2019-1010151 22 Dir. Trav. 2019-07-19 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
zzcms zzmcms 8.3 and earlier is affected by: File Delete to getshell. The impact is: getshell. The component is: /user/ppsave.php.
5 CVE-2019-1000009 22 Dir. Trav. 2019-02-04 2019-02-08
4.0
None Remote Low ??? None Partial None
Helm ChartMuseum version >=0.1.0 and < 0.8.1 contains a CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in HTTP API to save charts that can result in a specially crafted chart could be uploaded and saved outside the intended location. This attack appears to be exploitable via A POST request to the HTTP API can save a chart archive outside of the intended directory. If authentication is, optionally, enabled this requires an authorized user to do so. This vulnerability appears to have been fixed in 0.8.1.
6 CVE-2019-1000008 22 Dir. Trav. 2019-02-04 2019-02-15
4.3
None Remote Medium Not required None Partial None
All versions of Helm between Helm >=2.0.0 and < 2.12.2 contains a CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The commands `helm fetch --untar` and `helm lint some.tgz` that can result when chart archive files are unpacked a file may be unpacked outside of the target directory. This attack appears to be exploitable via a victim must run a helm command on a specially crafted chart archive. This vulnerability appears to have been fixed in 2.12.2.
7 CVE-2019-20085 22 Dir. Trav. 2019-12-30 2020-04-14
5.0
None Remote Low Not required Partial None None
TVT NVMS-1000 devices allow GET /.. Directory Traversal
8 CVE-2019-20049 Exec Code Dir. Trav. Bypass 2019-12-27 2020-01-07
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal (which helps to bypass authentication) with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the __construct() whereas the insecure file upload is in SetSkinImages().
9 CVE-2019-19848 22 Dir. Trav. 2019-12-17 2019-12-23
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. It has been discovered that the extraction of manually uploaded ZIP archives in Extension Manager is vulnerable to directory traversal. Admin privileges are required in order to exploit this vulnerability. (In v9 LTS and later, System Maintainer privileges are also required.)
10 CVE-2019-19845 22 Dir. Trav. 2019-12-18 2019-12-19
5.0
None Remote Low Not required Partial None None
In Joomla! before 3.9.14, a missing access check in framework files could lead to a path disclosure.
11 CVE-2019-19790 22 Dir. Trav. 2019-12-13 2019-12-30
7.5
None Remote Low Not required Partial Partial Partial
Path traversal in RadChart in Telerik UI for ASP.NET AJAX allows a remote attacker to read and delete an image with extension .BMP, .EXIF, .GIF, .ICON, .JPEG, .PNG, .TIFF, or .WMF on the server through a specially crafted request. NOTE: RadChart was discontinued in 2014 in favor of RadHtmlChart. All RadChart versions were affected. To avoid this vulnerability, you must remove RadChart's HTTP handler from a web.config (its type is Telerik.Web.UI.ChartHttpHandler).
12 CVE-2019-19781 22 Dir. Trav. 2019-12-27 2020-01-08
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
13 CVE-2019-19731 22 Exec Code Dir. Trav. 2019-12-16 2019-12-23
5.0
None Remote Low Not required None Partial None
Roxy Fileman 1.4.5 for .NET is vulnerable to path traversal. A remote attacker can write uploaded files to arbitrary locations via the RENAMEFILE action. This can be leveraged for code execution by uploading a specially crafted Windows shortcut file and writing the file to the Startup folder (because an incomplete blacklist of file extensions allows Windows shortcut files to be uploaded).
14 CVE-2019-19683 22 Dir. Trav. 2019-12-09 2019-12-17
9.0
None Remote Low ??? Complete Complete Complete
RoxyFileman, as shipped with nopCommerce v4.2.0, is vulnerable to ../ path traversal via d or f to Admin/RoxyFileman/ProcessRequest because of Libraries/Nop.Services/Media/RoxyFileman/FileRoxyFilemanService.cs.
15 CVE-2019-19458 22 Dir. Trav. 2019-12-03 2019-12-11
5.0
None Remote Low Not required Partial None None
SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature.
16 CVE-2019-19374 22 Dir. Trav. 2019-12-11 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in core/assets/form/form_question_types/form_question_type_file_upload/form_question_type_file_upload.inc in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5.5.2 prior to 5.5.2.4, and 5.5.3 prior to 5.5.3.3 where a user can delete arbitrary files from the server during interaction with the File Upload field type, when a custom form exists. (This is related to an information disclosure issue within the File Upload field type that allows users to view the full path to uploaded files, including the product's web root directory.)
17 CVE-2019-19372 22 Dir. Trav. 2019-11-28 2019-12-17
5.0
None Remote Low Not required Partial None None
** DISPUTED ** A downloadFile.php download_file path traversal vulnerability in rConfig through 3.9.3 allows attackers to list files in arbitrary folders and potentially download files. NOTE: the discoverer later reported that there was not a "fully working exploit."
18 CVE-2019-19229 22 Dir. Trav. 2019-12-04 2019-12-16
4.0
None Remote Low ??? Partial None None
admincgi-bin/service.fcgi on Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allows action=download&filename= Directory Traversal.
19 CVE-2019-19141 434 Exec Code Dir. Trav. 2019-12-19 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
The Camera Upload functionality in Plex Media Server through 1.18.2.2029 allows remote authenticated users to write files anywhere the user account running the Plex Media Server has permissions. This allows remote code execution via a variety of methods, such as (on a default Ubuntu installation) creating a .ssh folder in the plex user's home directory via directory traversal, uploading an SSH authorized_keys file there, and logging into the host as the Plex user via SSH.
20 CVE-2019-18978 22 Dir. Trav. 2019-11-14 2021-05-21
5.0
None Remote Low Not required Partial None None
An issue was discovered in the rack-cors (aka Rack CORS Middleware) gem before 1.0.4 for Ruby. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format.
21 CVE-2019-18951 22 Dir. Trav. 2019-11-13 2019-11-15
5.0
None Remote Low Not required Partial None None
SibSoft Xfilesharing through 2.5.1 allows op=page&tmpl=../ directory traversal to read arbitrary files.
22 CVE-2019-18924 22 Dir. Trav. 2019-11-12 2019-11-13
5.0
None Remote Low Not required Partial None None
Systematic IRIS WebForms 5.4 is vulnerable to directory traversal. By manipulating variables that reference files with ../ (and variations), it is possible to list all the directories and check if a particular file exists.
23 CVE-2019-18922 22 Dir. Trav. 2019-11-29 2019-12-10
7.8
None Remote Low Not required Complete None None
A Directory Traversal in the Web interface of the Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 [1.00.047] allows unauthenticated attackers to read arbitrary system files via a GET request. NOTE: This is an End-of-Life product.
24 CVE-2019-18665 22 Dir. Trav. File Inclusion 2019-11-02 2019-11-04
5.0
None Remote Low Not required Partial None None
The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion.
25 CVE-2019-18393 22 Dir. Trav. 2019-10-24 2020-08-07
5.0
None Remote Low Not required Partial None None
PluginServlet.java in Ignite Realtime Openfire through 4.4.2 does not ensure that retrieved files are located under the Openfire home directory, aka a directory traversal vulnerability.
26 CVE-2019-18371 22 Dir. Trav. Bypass 2019-10-23 2019-10-29
5.0
None Remote Low Not required Partial None None
An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. There is a directory traversal vulnerability to read arbitrary files via a misconfigured NGINX alias, as demonstrated by api-third-party/download/extdisks../etc/config/account. With this vulnerability, the attacker can bypass authentication.
27 CVE-2019-18338 23 Dir. Trav. 2019-12-12 2021-04-22
4.0
None Remote Low ??? Partial None None
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contains a directory traversal vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker with network access to the CCS server could exploit this vulnerability to list arbitrary directories or read files outside of the CCS application context.
28 CVE-2019-18253 22 Dir. Trav. 2019-11-27 2019-12-17
7.5
None Remote Low Not required Partial Partial Partial
An attacker could use specially crafted paths in a specific request to read or delete files from Relion 670 Series (versions 1p1r26, 1.2.3.17, 2.0.0.10, RES670 2.0.0.4, 2.1.0.1, and prior) outside the intended directory.
29 CVE-2019-18212 22 Dir. Trav. 2019-10-23 2019-10-30
4.0
None Remote Low ??? None Partial None
XMLLanguageService.java in XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows a remote attacker to write to arbitrary files via Directory Traversal.
30 CVE-2019-18189 22 Dir. Trav. Bypass 2019-10-28 2019-11-05
10.0
None Remote Low Not required Complete Complete Complete
A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (11.0, XG) and Worry-Free Business Security (9.5, 10.0) may allow an attacker to bypass authentication and log on to an affected product's management console as a root user. The vulnerability does not require authentication.
31 CVE-2019-18187 22 Exec Code Dir. Trav. 2019-10-28 2019-10-31
5.0
None Remote Low Not required Partial None None
Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited by an attacker utilizing a directory traversal vulnerability to extract files from an arbitrary zip file to a specific folder on the OfficeScan server, which could potentially lead to remote code execution (RCE). The remote process execution is bound to a web service account, which depending on the web platform used may have restricted permissions. An attempted attack requires user authentication.
32 CVE-2019-17662 22 Dir. Trav. 2019-10-16 2020-08-24
5.0
None Remote Low Not required Partial None None
ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a compromise of the VNC server. The vulnerability exists even when authentication is turned on during the deployment of the VNC server. The password for authentication is stored in cleartext in a file that can be read via a ../../ThinVnc.ini directory traversal attack vector.
33 CVE-2019-17538 22 Dir. Trav. 2019-10-13 2019-10-17
5.0
None Remote Low Not required Partial None None
Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file reading via the web/polygon/problem/viewfile?id=1&name=../ substring.
34 CVE-2019-17537 22 Dir. Trav. 2019-10-13 2019-10-17
6.4
None Remote Low Not required None Partial Partial
Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file deletion via the web/polygon/problem/deletefile?id=1&name=../ substring.
35 CVE-2019-17406 22 Dir. Trav. 2019-11-25 2019-12-04
5.0
None Remote Low Not required Partial None None
Nokia IMPACT < 18A has path traversal that may lead to RCE if chained with CVE-2019-1743
36 CVE-2019-17404 22 Dir. Trav. 2019-11-25 2019-12-04
4.0
None Remote Low ??? Partial None None
Nokia IMPACT < 18A: allows full path disclosure
37 CVE-2019-17399 22 Dir. Trav. 2019-10-09 2019-10-11
7.5
None Remote Low Not required Partial Partial Partial
The Shack Forms Pro extension before 4.0.32 for Joomla! allows path traversal via a file attachment.
38 CVE-2019-17327 22 Exec Code Dir. Trav. 2019-11-08 2019-11-13
6.5
None Remote Low ??? Partial Partial Partial
JEUS 7 Fix#0~5 and JEUS 8Fix#0~1 versions contains a directory traversal vulnerability caused by improper input parameter check when uploading installation file in administration web page. That leads remote attacker to execute arbitrary code via uploaded file.
39 CVE-2019-17324 22 Dir. Trav. 2019-10-30 2019-11-01
4.3
None Remote Medium Not required None Partial None
ClipSoft REXPERT 1.0.0.527 and earlier version allows directory traversal by issuing a special HTTP POST request with ../ characters. This could lead to create malicious HTML file, because they can inject a content with crafted template. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.
40 CVE-2019-17322 22 Dir. Trav. 2019-10-30 2021-11-03
4.3
None Remote Medium Not required None Partial None
ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file creation via a POST request with the parameter set to the file path to be written. This can be an executable file that is written to in the arbitrary directory. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.
41 CVE-2019-17314 22 Dir. Trav. 2019-10-07 2019-10-09
6.5
None Remote Low ??? Partial Partial Partial
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Configurator module by an Admin user.
42 CVE-2019-17313 22 Dir. Trav. 2019-10-07 2019-10-09
6.5
None Remote Low ??? Partial Partial Partial
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Studio module by a Developer user.
43 CVE-2019-17312 22 Dir. Trav. 2019-10-07 2019-10-09
6.5
None Remote Low ??? Partial Partial Partial
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the file function by a Regular user.
44 CVE-2019-17311 22 Dir. Trav. 2019-10-07 2019-10-09
6.5
None Remote Low ??? Partial Partial Partial
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the attachment function by a Regular user.
45 CVE-2019-17224 22 Dir. Trav. 2019-10-28 2019-11-05
5.0
None Remote Low Not required Partial None None
The web interface of the Compal Broadband CH7465LG modem (version CH7465LG-NCIP-6.12.18.25-2p6-NOSH) is vulnerable to a /%2f/ path traversal attack, which can be exploited in order to test for the existence of a file pathname outside of the web root directory. If a file exists but is not part of the product, there is a 404 error. If a file does not exist, there is a 302 redirect to index.html.
46 CVE-2019-17199 22 Dir. Trav. 2019-10-05 2019-10-10
5.0
None Remote Low Not required Partial None None
www/getfile.php in WPO WebPageTest 19.04 on Windows allows Directory Traversal (for reading arbitrary files) because of an unanchored regular expression, as demonstrated by the a.jpg\.. substring.
47 CVE-2019-17187 22 Dir. Trav. 2019-10-08 2019-10-11
5.0
None Remote Low Not required Partial None None
/var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication Directory Traversal for reading arbitrary files.
48 CVE-2019-17180 22 DoS Dir. Trav. 2019-10-04 2020-01-16
7.2
None Local Low Not required Complete Complete Complete
Valve Steam Client before 2019-09-12 allows placing or appending partially controlled filesystem content, as demonstrated by file modifications on Windows in the context of NT AUTHORITY\SYSTEM. This could lead to denial of service, elevation of privilege, or unspecified other impact.
49 CVE-2019-17175 22 Dir. Trav. 2019-10-04 2019-10-08
5.0
None Remote Low Not required Partial None None
joyplus-cms 1.6.0 allows manager/admin_pic.php?rootpath= absolute path traversal.
50 CVE-2019-17109 22 Dir. Trav. 2019-10-09 2019-10-25
4.0
None Remote Low ??? None Partial None
Koji through 1.18.0 allows remote Directory Traversal, with resultant Privilege Escalation.
Total number of vulnerabilities : 469   Page : 1 (This Page)2 3 4 5 6 7 8 9 10
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.