Vulnerabilities (CVE)

Filtered by CWE-22
Total 6551 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-25450 1 Google 1 Android 2024-11-21 3.3 LOW 4.5 MEDIUM
Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Sep-2021 Release 1 allows attackers to write file as system uid via remote socket.
CVE-2021-25367 1 Samsung 1 Notes 2024-11-21 5.5 MEDIUM 3.7 LOW
Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission.
CVE-2021-25311 1 Wisc 1 Htcondor 2024-11-21 9.0 HIGH 9.9 CRITICAL
condor_credd in HTCondor before 8.9.11 allows Directory Traversal outside the SEC_CREDENTIAL_DIRECTORY_OAUTH directory, as demonstrated by creating a file under /etc that will later be executed by root.
CVE-2021-25282 3 Debian, Fedoraproject, Saltstack 3 Debian Linux, Fedora, Salt 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal.
CVE-2021-25140 1 Hp 1 Moonshot Provisioning Manager 2024-11-21 10.0 HIGH 9.8 CRITICAL
A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager v1.20. The HPE Moonshot Provisioning Manager is an application that is installed in a VMWare or Microsoft Hyper-V environment that is used to setup and configure an HPE Moonshot 1500 chassis. This vulnerability could be remotely exploited by an unauthenticated user to cause a directory traversal in user supplied input to the `khuploadfile.cgi` CGI ELF. The directory traversal could lead to Remote Code Execution, Denial of Service, and/or compromise system integrity. **Note:** HPE recommends that customers discontinue the use of the HPE Moonshot Provisioning Manager. The HPE Moonshot Provisioning Manager application is discontinued, no longer supported, is not available to download from the HPE Support Center, and no patch is available.
CVE-2021-25129 1 Hpe 10 Cloudline Cl3100 Gen10 Server, Cloudline Cl3100 Gen10 Server Firmware, Cloudline Cl4100 Gen10 Server and 7 more 2024-11-21 7.2 HIGH 7.8 HIGH
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice getvideodata_func function path traversal vulnerability.
CVE-2021-25128 1 Hpe 10 Cloudline Cl3100 Gen10 Server, Cloudline Cl3100 Gen10 Server Firmware, Cloudline Cl4100 Gen10 Server and 7 more 2024-11-21 7.2 HIGH 7.8 HIGH
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice gethelpdata_func function path traversal vulnerability.
CVE-2021-25125 1 Hpe 10 Cloudline Cl3100 Gen10 Server, Cloudline Cl3100 Gen10 Server Firmware, Cloudline Cl4100 Gen10 Server and 7 more 2024-11-21 7.2 HIGH 7.8 HIGH
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice delsolrecordedvideo_func function path traversal vulnerability.
CVE-2021-25124 1 Hpe 10 Cloudline Cl3100 Gen10 Server, Cloudline Cl3100 Gen10 Server Firmware, Cloudline Cl4100 Gen10 Server and 7 more 2024-11-21 7.2 HIGH 7.8 HIGH
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice deletevideo_func function path traversal vulnerability.
CVE-2021-25082 1 Sygnoos 1 Popup Builder 2024-11-21 6.5 MEDIUM 8.8 HIGH
The Popup Builder WordPress plugin before 4.0.7 does not validate and sanitise the sgpb_type parameter before using it in a require statement, leading to a Local File Inclusion issue. Furthermore, since the beginning of the string can be controlled, the issue can lead to RCE vulnerability via wrappers such as PHAR
CVE-2021-25021 1 Ffw 1 Optimize My Google Fonts 2024-11-21 4.0 MEDIUM 4.9 MEDIUM
The OMGF | Host Google Fonts Locally WordPress plugin before 4.5.12 does not validate the cache directory setting, allowing high privilege users to use a path traversal vector and delete arbitrary folders when uninstalling the plugin
CVE-2021-25020 1 Daan 1 Complete Analytics Optimization Suite 2024-11-21 4.0 MEDIUM 4.9 MEDIUM
The CAOS | Host Google Analytics Locally WordPress plugin before 4.1.9 does not validate the cache directory setting, allowing high privilege users to use a path traversal vector and delete arbitrary folders when uninstalling the plugin
CVE-2021-24970 1 Plugins360 1 All-in-one Video Gallery 2024-11-21 6.5 MEDIUM 7.2 HIGH
The All-in-One Video Gallery WordPress plugin before 2.5.0 does not sanitise and validate the tab parameter before using it in a require statement in the admin dashboard, leading to a Local File Inclusion issue
CVE-2021-24962 1 Iptanus 2 Wordpress File Upload, Wordpress File Upload Pro 2024-11-21 6.5 MEDIUM 8.8 HIGH
The WordPress File Upload Free and Pro WordPress plugins before 4.16.3 allow users with a role as low as Contributor to perform path traversal via a shortcode argument, which can then be used to upload a PHP code disguised as an image inside the auto-loaded directory of the plugin, resulting in arbitrary code execution.
CVE-2021-24820 1 Bold-themes 1 Cost Calculator 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
The Cost Calculator WordPress plugin through 1.6 allows authenticated users (Contributor+ in versions < 1.5, and Admin+ in versions <= 1.6) to perform path traversal and local PHP file inclusion on Windows Web Servers via the Cost Calculator post's Layout
CVE-2021-24761 1 Bestwebsoft 1 Error Log Viewer 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
The Error Log Viewer WordPress plugin before 1.1.2 does not perform nonce check when deleting a log file and does not have path traversal prevention, which could allow attackers to make a logged in admin delete arbitrary text files on the web server.
CVE-2021-24692 1 Tipsandtricks-hq 1 Simple Download Monitor 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
The Simple Download Monitor WordPress plugin before 3.9.5 allows users with a role as low as Contributor to download any file on the web server (such as wp-config.php) via a path traversal vector.
CVE-2021-24689 1 Wpeverest 1 Contact Form 2024-11-21 4.0 MEDIUM 4.9 MEDIUM
The Contact Forms - Drag & Drop Contact Form Builder WordPress plugin through 1.0.5 allows high privilege users to download arbitrary files from the web server via a path traversal attack
CVE-2021-24644 1 Imagestowebp Project 1 Images To Webp 2024-11-21 5.0 MEDIUM 7.5 HIGH
The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include() function, which could lead to a Local File Inclusion issue
CVE-2021-24639 1 Ffw 1 Omgf 2024-11-21 5.5 MEDIUM 8.1 HIGH
The OMGF WordPress plugin before 4.5.4 does not enforce path validation, authorisation and CSRF checks in the omgf_ajax_empty_dir AJAX action, which allows any authenticated users to delete arbitrary files or folders on the server.