CVEbaza.plSłownik CWECWE-31
Common Weakness Enumeration

CWE-31

Path Traversal: 'dir\..\..\filename'

Kategoria: VariantCVE: 11
Opis

Produkt wykorzystuje dane wejściowe do konstruowania ścieżki, która powinna znajdować się w ograniczonym katalogu, ale nie neutralizuje prawidłowo sekwencji 'dir\..\..\filename' (wielokrotne wewnętrzne sekwencje backslash kropka kropka), które mogą być rozwiązane do lokalizacji poza tym katalogiem.

Description (EN)

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize 'dir\..\..\filename' (multiple internal backslash dot dot) sequences that can resolve to a location that is outside of that directory.

Podatności CVE z CWE-31 (11)
9.9
CVSS
CRITICAL
CVE-2024-2044

pgAdmin w wersji 8.3 i wcześniejszych zawiera podatność path traversal w kodzie obsługi sesji użytkowników, która umożliwia wykonanie dowolnego kodu (RCE) poprzez deserializację złośliwych obiektów pickle. W zależności od systemu operacyjnego atak może być przeprowadzony bez uwierzytelnienia (Windows) lub przez uwierzytelnionego użytkownika (Linux/POSIX).

pub. 2024-03-07
8.8
CVSS
HIGH
CVE-2024-41376

dzzoffice 2.02.1 is vulnerable to Directory Traversal via user/space/about.php.

pub. 2024-08-05
8.8
CVSS
HIGH
CVE-2024-24998

A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.

pub. 2024-04-19
8.1
CVSS
HIGH
CVE-2024-28088

LangChain through 0.1.10 allows ../ directory traversal by an actor who is able to control the final part of the path parameter in a load_chain call. This bypasses the intended behavior of loading configurations only from the hwchase17/langchain-hub GitHub repository. The outcome can be disclosure of an API key for a large language model online service, or remote code execution. (A patch is available as of release 0.1.29 of langchain-core.)

pub. 2024-03-04
7.5
CVSS
HIGH
CVE-2024-36857

Jan v0.4.12 was discovered to contain an arbitrary file read vulnerability via the /v1/app/readFileSync interface.

pub. 2024-06-04
7.5
CVSS
HIGH
CVE-2024-35431

ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via photoBase64. An unauthenticated user can download local files from the server. NOTE: Third parties have indicated other versions are also vulnerable including up to 6.4.1.

pub. 2024-05-30
7.5
CVSS
HIGH
CVE-2019-6268

RAD SecFlow-2 devices with Hardware 0202, Firmware 4.1.01.63, and U-Boot 2010.12 allow URIs beginning with /.. for Directory Traversal, as demonstrated by reading /etc/shadow.

pub. 2024-03-08
7.5
CVSS
HIGH
CVE-2024-25840

In the module "Account Manager | Sales Representative & Dealers | CRM" (prestasalesmanager) up to 9.0 from Presta World for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack.

pub. 2024-02-27
6.5
CVSS
MEDIUM
CVE-2024-35429

ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via eventRecord.

pub. 2024-05-30
5.3
CVSS
MEDIUM
CVE-2023-35860

A Directory Traversal vulnerability in Modern Campus - Omni CMS 2023.1 allows a remote, unauthenticated attacker to enumerate file system information via the dir parameter to listing.php or rss.php.

pub. 2024-06-13
4.9
CVSS
MEDIUM
CVE-2024-22723

Webtrees 2.1.18 is vulnerable to Directory Traversal. By manipulating the "media_folder" parameter in the URL, an attacker (in this case, an administrator) can navigate beyond the intended directory (the 'media/' directory) to access sensitive files in other parts of the application's file system.

pub. 2024-02-28
Informacje
ID: CWE-31
Typ: Variant
Podatności: 11
MITRE CWE ↗
← Słownik CWE