
Explore Vulnerabilities


Explore all Exploits:

Kyocera Printer d-COPIA253MF – Directory Traversal (PoC)

An attacker can exploit a directory traversal vulnerability in Kyocera Printer d-COPIA253MF by sending a specially crafted HTTP request containing a directory traversal payload followed by a null byte (%00). This allows the attacker to access files outside of the web root directory.

Super Backup v2.0.5 iOS – Directory Traversal Vulnerability

A directory traversal web vulnerability has been discovered in the official Super Backup v2.0.5 iOS mobile web application. The vulnerability allows remote attackers to change the application path in performed requests to compromise the local application or file system of a mobile device.

Easy Transfer v1.7 iOS – Multiple Web Vulnerabilities

A directory traversal web vulnerability has been discovered in the Easy Transfer Wifi Transfer v1.7 iOS mobile application. The vulnerability allows remote attackers to change the application path in performed requests to compromise the local application or file system of a mobile device. For example, attackers are able to request environment variables or a sensitive system path.

TVT NVMS 1000 – Directory Traversal

TVT NVMS 1000 is vulnerable to directory traversal, which an attacker can exploit to read arbitrary files from the server. The vulnerability is caused by insufficient sanitization of user-supplied input to the 'filename' parameter in the 'get_file' function. An attacker can exploit it by sending a crafted HTTP request containing directory traversal characters (e.g. '../') in the 'filename' parameter.

Zen Load Balancer 3.10.1 – ‘index.cgi’ Directory Traversal

The filelog parameter is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server. The payload ../../../../../../../../../../../../../../../../etc/shadow was submitted in the filelog parameter. The requested file was returned in the application's response. Note that disclosure of the shadow file may allow an attacker to discover users' passwords.

Joomla! com_fabrik 3.9.11 – Directory Traversal

A directory traversal vulnerability exists in Joomla! com_fabrik 3.9.11 due to insufficient sanitization of user-supplied input in the 'folder' parameter of the 'onAjax_files' function in the 'fabrik_element/image/image.php' script. An attacker can exploit this vulnerability to read arbitrary files from the server.

Jinfornet Jreport 15.6 – Unauthenticated Directory Traversal

The Jreport Help function has a path traversal vulnerability in the SendFileServlet that allows remote unauthenticated users to view any file on the operating system with the permissions of the application service user. This vulnerability affects Windows and Unix operating systems.

Local Privilege Escalation via VMware Fusion

A directory traversal vulnerability in VMware Fusion's SUID binaries can allow an attacker to run commands as the root user. Several of the programs included in VMware Fusion rely on their path on disk to find other libraries, helper utilities, and service daemons. Two instances of this code pattern in SUID programs can be found in the 'Open VMware Fusion Services' executable and the 'Open VMware USB Arbitrator Service' executable. These programs try to open the service programs by looking for the files:

Open VMware Fusion Services: $DIRECTORY_WITH_SUID_EXECUTABLE/../../../Contents/Library/services/VMware Fusion Services
Open VMware USB Arbitrator Service: $DIRECTORY_WITH_SUID_EXECUTABLE/../../../Contents/Library/services/VMware USB Arbitrator Service

Ordinarily this is fine, as any attempt to copy the programs will not copy the SUID ownership of the file, and any attempt to move the programs will fail without root access. Furthermore, symbolic links will not trick the programs into using the new location. However, on macOS unprivileged users can create hard links to SUID executables, which will trick the programs. Thus, by creating an adequate directory layout and hard linking to the SUID executables, an attacker can cause the programs to open the service programs from a location under the control of the attacker.

CVE-2019-9649 CoreFTP FTP Server Version 674 and below MDTM Directory Traversal

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal (....) to browse outside the root directory to determine the existence of a file on the operating system, and the last modified date.

Recent Exploits: