ReportizFlow
Filtered by vendor
Subscriptions
Total
8404 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-47849 | 1 Yodinfo | 1 Mini Mouse | 2026-02-02 | 6.2 Medium |
| Mini Mouse 9.3.0 contains a path traversal vulnerability that allows attackers to access sensitive system directories through the device information endpoint. Attackers can retrieve file lists from system directories like /usr, /etc, and /var by manipulating file path parameters in API requests. | ||||
| CVE-2021-47850 | 1 Yodinfo | 1 Mini Mouse | 2026-02-02 | 7.5 High |
| Mini Mouse 9.2.0 contains a path traversal vulnerability that allows remote attackers to access arbitrary system files and directories through crafted HTTP requests. Attackers can retrieve sensitive files like win.ini and list contents of system directories such as C:\Users\Public by manipulating file and path parameters. | ||||
| CVE-2021-47751 | 1 Phphtmledit | 2 Cuteeditor, Rich Text Editor | 2026-02-02 | 7.5 High |
| CuteEditor for PHP (now referred to as Rich Text Editor) 6.6 contains a directory traversal vulnerability in the browse template feature that allows attackers to write files to arbitrary web root directories. Attackers can exploit the ServerMapPath() function by renaming uploaded HTML files using directory traversal sequences to write files outside the intended template directory. | ||||
| CVE-2018-25144 | 1 Microhardcorp | 22 Bullet-3g, Bullet-3g Firmware, Bullet-lte and 19 more | 2026-02-02 | 8.4 High |
| Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-editor.sh script that allows authenticated attackers to read, modify, or delete arbitrary files. Attackers can exploit unsanitized 'path', 'savefile', 'edit', and 'delfile' parameters to perform unauthorized file system modifications through GET and POST requests. | ||||
| CVE-2026-21851 | 2 Monai, Project-monai | 2 Monai, Monai | 2026-02-02 | 5.3 Medium |
| MONAI (Medical Open Network for AI) is an AI toolkit for health care imaging. In versions up to and including 1.5.1, a Path Traversal (Zip Slip) vulnerability exists in MONAI's `_download_from_ngc_private()` function. The function uses `zipfile.ZipFile.extractall()` without path validation, while other similar download functions in the same codebase properly use the existing `safe_extract_member()` function. Commit 4014c8475626f20f158921ae0cf98ed259ae4d59 fixes this issue. | ||||
| CVE-2020-11738 | 1 Awesomemotive | 1 Duplicator | 2026-02-02 | 7.5 High |
| The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init. | ||||
| CVE-2026-24842 | 1 Isaacs | 1 Tar | 2026-02-02 | 8.2 High |
| node-tar,a Tar for Node.js, contains a vulnerability in versions prior to 7.5.7 where the security check for hardlink entries uses different path resolution semantics than the actual hardlink creation logic. This mismatch allows an attacker to craft a malicious TAR archive that bypasses path traversal protections and creates hardlinks to arbitrary files outside the extraction directory. Version 7.5.7 contains a fix for the issue. | ||||
| CVE-2026-24770 | 1 Infiniflow | 1 Ragflow | 2026-01-31 | 9.8 Critical |
| RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In version 0.23.1 and possibly earlier versions, the MinerU parser contains a "Zip Slip" vulnerability, allowing an attacker to overwrite arbitrary files on the server (leading to Remote Code Execution) via a malicious ZIP archive. The MinerUParser class retrieves and extracts ZIP files from an external source (mineru_server_url). The extraction logic in `_extract_zip_no_root` fails to sanitize filenames within the ZIP archive. Commit 64c75d558e4a17a4a48953b4c201526431d8338f contains a patch for the issue. | ||||
| CVE-2025-13879 | 2 Efficientip, Solidserver | 2 Solidserver Ip Address Management, Solidserver Ipam | 2026-01-30 | 2.7 Low |
| Directory traversal vulnerability in SOLIDserver IPAM v8.2.3. This vulnerability allows an authenticated user with administrator privileges to list directories other than those to which the have authorized access using the 'directory' parameter in '/mod/ajax.php?action=sections/list/list'.For examplem setting the 'directory' parameter to '/' displays files outside the 'LOCAL:///' folder. | ||||
| CVE-2025-67488 | 2 B3log, Siyuan | 2 Siyuan, Siyuan | 2026-01-30 | 7.8 High |
| SiYuan is self-hosted, open source personal knowledge management software. Versions 0.0.0-20251202123337-6ef83b42c7ce and below contain function importZipMd which is vulnerable to ZipSlips, allowing an authenticated user to overwrite files on the system. An authenticated user with access to the import functionality in notes is able to overwrite any file on the system, and can escalate to full code execution under some circumstances. A fix is planned for version 3.5.0. | ||||
| CVE-2026-23954 | 2 Linuxcontainers, Lxc | 2 Incus, Incus | 2026-01-30 | 8.7 High |
| Incus is a system container and virtual machine manager. Versions 6.21.0 and below allow a user with the ability to launch a container with a custom image (e.g a member of the ‘incus’ group) to use directory traversal or symbolic links in the templating functionality to achieve host arbitrary file read, and host arbitrary file write. This ultimately results in arbitrary command execution on the host. When using an image with a metadata.yaml containing templates, both the source and target paths are not checked for symbolic links or directory traversal. This can also be exploited in IncusOS. A fix is planned for versions 6.0.6 and 6.21.0, but they have not been released at the time of publication. | ||||
| CVE-2026-23850 | 2 B3log, Siyuan | 2 Siyuan, Siyuan | 2026-01-30 | 7.5 High |
| SiYuan is a personal knowledge management system. In versions prior to 3.5.4, the markdown feature allows unrestricted server side html-rendering which allows arbitrary file read (LFD). Version 3.5.4 fixes the issue. | ||||
| CVE-2026-23851 | 2 B3log, Siyuan | 2 Siyuan, Siyuan | 2026-01-30 | 6.5 Medium |
| SiYuan is a personal knowledge management system. Versions prior to 3.5.4 contain a logic vulnerability in the /api/file/globalCopyFiles endpoint. The function allows authenticated users to copy files from any location on the server's filesystem into the application's workspace without proper path validation. The vulnerability exists in the api/file.go source code. The function globalCopyFiles accepts a list of source paths (srcs) from the JSON request body. While the code checks if the source file exists using filelock.IsExist(src), it fails to validate whether the source path resides within the authorized workspace directory. Version 3.5.4 patches the issue. | ||||
| CVE-2022-50932 | 1 Kyocera | 1 Command Center Rx | 2026-01-30 | 7.5 High |
| Kyocera Command Center RX ECOSYS M2035dn contains a directory traversal vulnerability that allows unauthenticated attackers to read sensitive system files by manipulating file paths under the /js/ path. Attackers can exploit the issue by sending requests like /js/../../../../.../etc/passwd%00.jpg (null-byte appended traversal) to access critical files such as /etc/passwd and /etc/shadow. | ||||
| CVE-2020-37015 | 1 Ruijienetworks | 1 Switch Eweb S29 Rgos | 2026-01-30 | 7.5 High |
| Ruijie Networks Switch eWeb S29_RGOS 11.4 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by manipulating file path parameters. Attackers can exploit the /download.do endpoint with '../' sequences to retrieve system configuration files containing credentials and network settings. | ||||
| CVE-2025-67160 | 1 Vatilon | 2 Pa4, Pa4 Firmware | 2026-01-30 | 7.5 High |
| An issue in Vatilon v1.12.37-20240124 allows attackers to access sensitive directories and files via a directory traversal. | ||||
| CVE-2025-6776 | 1 Xiaoyunjie | 1 Openvpn-cms-flask | 2026-01-30 | 7.3 High |
| A vulnerability classified as critical was found in xiaoyunjie openvpn-cms-flask up to 1.2.7. This vulnerability affects the function Upload of the file app/plugins/oss/app/controller.py of the component File Upload. The manipulation of the argument image leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.2.8 is able to address this issue. The name of the patch is e23559b98c8ea2957f09978c29f4e512ba789eb6. It is recommended to upgrade the affected component. | ||||
| CVE-2025-9435 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2026-01-29 | 5.5 Medium |
| Zohocorp ManageEngine ADManager Plus versions below 7230 are vulnerable to Path Traversal in the User Management module | ||||
| CVE-2020-36939 | 1 Avalanche123 | 1 Cassandra Web | 2026-01-29 | 7.5 High |
| Cassandra Web 0.5.0 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating path traversal parameters. Attackers can exploit the disabled Rack::Protection module to read sensitive system files like /etc/passwd and retrieve Apache Cassandra database credentials. | ||||
| CVE-2026-1056 | 2 2inc, Wordpress | 2 Snow Monkey Forms, Wordpress | 2026-01-29 | 9.8 Critical |
| The Snow Monkey Forms plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'generate_user_dirpath' function in all versions up to, and including, 12.0.3. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). | ||||