Total
6537 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-35778 | 1 Slideshow Se Project | 1 Slideshow Se | 2024-11-21 | N/A | 6.5 MEDIUM |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in John West Slideshow SE PHP Local File Inclusion.This issue affects Slideshow SE: from n/a through 2.5.17. | |||||
| CVE-2024-35754 | 1 Ovic Importer Project | 1 Ovic Importer | 2024-11-21 | N/A | 7.5 HIGH |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ovic Team Ovic Importer allows Path Traversal.This issue affects Ovic Importer: from n/a through 1.6.3. | |||||
| CVE-2024-35745 | 1 Strategery-migrations Project | 1 Strategery-migrations | 2024-11-21 | N/A | 7.5 HIGH |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Gabriel Somoza / Joseph Fitzgibbons Strategery Migrations allows Path Traversal, File Manipulation.This issue affects Strategery Migrations: from n/a through 1.0. | |||||
| CVE-2024-35744 | 1 Upunzipper Project | 1 Upunzipper | 2024-11-21 | N/A | 8.6 HIGH |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ravidhu Dissanayake Upunzipper allows Path Traversal, File Manipulation.This issue affects Upunzipper: from n/a through 1.0.0. | |||||
| CVE-2024-35743 | 1 Sc Filechecker Project | 1 Sc Filechecker | 2024-11-21 | N/A | 8.6 HIGH |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Siteclean SC filechecker allows Path Traversal, File Manipulation.This issue affects SC filechecker: from n/a through 0.6. | |||||
| CVE-2024-35712 | 1 Meowapps | 1 Database Cleaner | 2024-11-21 | N/A | 4.9 MEDIUM |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Jordy Meow Database Cleaner allows Relative Path Traversal.This issue affects Database Cleaner: from n/a through 1.0.5. | |||||
| CVE-2024-35677 | 1 Stylemixthemes | 1 Mega Menu | 2024-11-21 | N/A | 9.0 CRITICAL |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in StylemixThemes MegaMenu allows PHP Local File Inclusion.This issue affects MegaMenu: from n/a through 2.3.12. | |||||
| CVE-2024-35658 | 1 Themehigh | 1 Checkout Field Editor For Woocommerce | 2024-11-21 | N/A | 8.6 HIGH |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ThemeHigh Checkout Field Editor for WooCommerce (Pro) allows Functionality Misuse, File Manipulation.This issue affects Checkout Field Editor for WooCommerce (Pro): from n/a through 3.6.2. | |||||
| CVE-2024-35634 | 1 Wow-company | 1 Woocommerce - Recent Purchases | 2024-11-21 | N/A | 4.9 MEDIUM |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Wow-Company Woocommerce – Recent Purchases allows PHP Local File Inclusion.This issue affects Woocommerce – Recent Purchases: from n/a through 1.0.1. | |||||
| CVE-2024-35474 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| A Directory Traversal vulnerability in iceice666 ResourcePack Server before v1.0.8 allows a remote attacker to disclose files on the server, via setPath in ResourcePackFileServer.kt. | |||||
| CVE-2024-35429 | 1 Zkteco | 1 Zkbio Cvsecurity | 2024-11-21 | N/A | 6.5 MEDIUM |
| ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via eventRecord. | |||||
| CVE-2024-35428 | 1 Zkteco | 1 Zkbio Cvsecurity | 2024-11-21 | N/A | 7.1 HIGH |
| ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via BaseMediaFile. An authenticated user can delete local files from the server which can lead to DoS. | |||||
| CVE-2024-35324 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| Douchat 4.0.5 suffers from an arbitrary file upload vulnerability via Public/Plugins/webuploader/server/preview.php. | |||||
| CVE-2024-35219 | 2024-11-21 | N/A | 8.3 HIGH | ||
| OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Prior to version 7.6.0, attackers can exploit a path traversal vulnerability to read and delete files and folders from an arbitrary, writable directory as anyone can set the output folder when submitting the request via the `outputFolder` option. The issue was fixed in version 7.6.0 by removing the usage of the `outputFolder` option. No known workarounds are available. | |||||
| CVE-2024-35205 | 2024-11-21 | N/A | 7.8 HIGH | ||
| The WPS Office (aka cn.wps.moffice_eng) application before 17.0.0 for Android fails to properly sanitize file names before processing them through external application interactions, leading to a form of path traversal. This potentially enables any application to dispatch a crafted library file, aiming to overwrite an existing native library utilized by WPS Office. Successful exploitation could result in the execution of arbitrary commands under the guise of WPS Office's application ID. | |||||
| CVE-2024-35162 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Path traversal vulnerability exists in Download Plugins and Themes from Dashboard versions prior to 1.8.6. If this vulnerability is exploited, a remote authenticated attacker with "switch_themes" privilege may obtain arbitrary files on the server. | |||||
| CVE-2024-35081 | 2024-11-21 | N/A | 7.5 HIGH | ||
| LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter in the fileDownload method. | |||||
| CVE-2024-34854 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| F-logic DataCube3 v1.0 is vulnerable to File Upload via `/admin/transceiver_schedule.php.` | |||||
| CVE-2024-34832 | 1 Cubecart | 1 Cubecart | 2024-11-21 | N/A | 9.8 CRITICAL |
| Directory Traversal vulnerability in CubeCart v.6.5.5 and before allows an attacker to execute arbitrary code via a crafted file uploaded to the _g and node parameters. | |||||
| CVE-2024-34808 | 2024-11-21 | N/A | 4.3 MEDIUM | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samuel Marshall JCH Optimize.This issue affects JCH Optimize: from n/a through 4.2.0. | |||||