Filtered by CWE-22
Filtered by vendor Subscriptions
Total 7514 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2017-16093 1 Cyber-js Project 1 Cyber-js 2024-11-21 N/A
cyber-js is a simple http server. A cyberjs server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVE-2017-16092 1 Sencisho Project 1 Sencisho 2024-11-21 N/A
Sencisho is a simple http server for local development. Sencisho is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
CVE-2017-16091 1 Xtalk Project 1 Xtalk 2024-11-21 N/A
xtalk helps your browser talk to nodex, a simple web framework. xtalk is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
CVE-2017-16090 1 Fsk-server Project 1 Fsk-server 2024-11-21 N/A
fsk-server is a simple http server. fsk-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVE-2017-16089 1 Serverlyr Project 1 Serverlyr 2024-11-21 N/A
serverlyr is a simple http server. serverlyr is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
CVE-2017-16085 1 Tinyserver2 Project 1 Tinyserver2 2024-11-21 N/A
tinyserver2 is a webserver for static files. tinyserver2 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
CVE-2017-16084 1 List-n-stream Project 1 List-n-stream 2024-11-21 N/A
list-n-stream is a server for static files to list and stream local videos. list-n-stream v0.0.10 or lower is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVE-2017-16083 1 Node-simple-router 1 Node-simple-router 2024-11-21 N/A
node-simple-router is a minimalistic router for Node. node-simple-router is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
CVE-2017-16039 1 Hftp Project 1 Hftp 2024-11-21 N/A
`hftp` is a static http or ftp server `hftp` is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVE-2017-16038 1 F2e-server Project 1 F2e-server 2024-11-21 N/A
`f2e-server` 1.12.11 and earlier is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. This is compounded by `f2e-server` requiring elevated privileges to run.
CVE-2017-16037 1 Gomeplus-h5-proxy Project 1 Gomeplus-h5-proxy 2024-11-21 N/A
`gomeplus-h5-proxy` is vulnerable to a directory traversal issue, allowing attackers to access any file in the system by placing '../' in the URL.
CVE-2017-16036 1 Badjs-sourcemap-server Project 1 Badjs-sourcemap-server 2024-11-21 N/A
`badjs-sourcemap-server` receives files sent by `badjs-sourcemap`. `badjs-sourcemap-server` is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVE-2017-16029 1 Hostr Project 1 Hostr 2024-11-21 N/A
hostr is a simple web server that serves up the contents of the current directory. There is a directory traversal vulnerability in hostr 2.3.5 and earlier that allows an attacker to read files outside the current directory by sending `../` in the url path for GET requests.
CVE-2017-15712 1 Apache 1 Oozie 2024-11-21 N/A
Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 4.3.0 and 5.0.0-beta1 to expose private files on the Oozie server process. The malicious user can construct a workflow XML file containing XML directives and configuration that reference sensitive files on the Oozie server host.
CVE-2017-15684 1 Craftercms 1 Crafter Cms 2024-11-21 7.5 High
Crafter CMS Crafter Studio 3.0.1 has a directory traversal vulnerability which allows unauthenticated attackers to view files from the operating system.
CVE-2017-15681 1 Craftercms 1 Crafter Cms 2024-11-21 9.8 Critical
In Crafter CMS Crafter Studio 3.0.1 a directory traversal vulnerability exists which allows unauthenticated attackers to overwrite files from the operating system which can lead to RCE.
CVE-2017-15550 1 Emc 3 Avamar Server, Integrated Data Protection Appliance, Networker 2024-11-21 N/A
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could access arbitrary files on the server file system in the context of the running vulnerable application via Path traversal.
CVE-2017-14804 2 Opensuse, Suse 2 Leap, Linux Enterprise Software Development Kit 2024-11-21 N/A
The build package before 20171128 did not check directory names during extraction of build results that allowed untrusted builds to write outside of the target system,allowing escape out of buildroots.
CVE-2017-14537 1 Netfortris 1 Trixbox 2024-11-21 6.5 Medium
trixbox 2.8.0.4 has path traversal via the xajaxargs array parameter to /maint/index.php?packages or the lang parameter to /maint/modules/home/index.php.
CVE-2017-14384 1 Dell 1 Storage Manager 2024-11-21 N/A
In Dell Storage Manager versions earlier than 16.3.20, the EMConfigMigration service is affected by a directory traversal vulnerability. A remote malicious user could potentially exploit this vulnerability to read unauthorized files by supplying specially crafted strings in input parameters of the application. A malicious user cannot delete or modify any files via this vulnerability.