Skip to main content

CWE-21

DEPRECATED: Pathname Traversal and Equivalence Errors

4 CVEs Avg CVSS 6.3 MITRE
1
CRITICAL
0
HIGH
3
MEDIUM
0
LOW
2
POC
0
KEV

Monthly

CVE-2024-7738 MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Markdown Pdf
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.3%
CVE-2019-11626 MEDIUM POC This Month

routers/ajaxRouter.php in doorGets 7.0 has a web site physical path leakage vulnerability, as demonstrated by an ajax/index.php?uri=1234%5c request. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Doorgets Cms
NVD GitHub
CVSS 3.0
5.3
EPSS
1.3%
CVE-2016-1505 PyPI CRITICAL PATCH Act Now

The filesystem storage backend in Radicale before 1.1 on Windows allows remote attackers to read or write to arbitrary files via a crafted path, as demonstrated by /c:/file/ignore. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Radicale
NVD GitHub
CVSS 3.0
10.0
EPSS
1.4%
CVE-2014-2232 MEDIUM This Month

Absolute path traversal vulnerability in the MapAPI in Infoware MapSuite before 1.0.36 and 1.1.x before 1.1.49 allows remote attackers to read arbitrary files via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Mapsuite
NVD
CVSS 2.0
5.0
EPSS
0.5%
EPSS 0% CVSS 4.8
MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Markdown Pdf
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM POC This Month

routers/ajaxRouter.php in doorGets 7.0 has a web site physical path leakage vulnerability, as demonstrated by an ajax/index.php?uri=1234%5c request. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Doorgets Cms
NVD GitHub
EPSS 1% CVSS 10.0
CRITICAL PATCH Act Now

The filesystem storage backend in Radicale before 1.1 on Windows allows remote attackers to read or write to arbitrary files via a crafted path, as demonstrated by /c:/file/ignore. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Radicale
NVD GitHub
EPSS 0% CVSS 5.0
MEDIUM This Month

Absolute path traversal vulnerability in the MapAPI in Infoware MapSuite before 1.0.36 and 1.1.x before 1.1.49 allows remote attackers to read arbitrary files via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Mapsuite
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy