CVE-2023-23366

MEDIUM Year: 2023
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-22
View all →

Vulnerability Description

A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: Music Station 5.3.22 and later

Related Vulnerabilities

CVE-2009-4053

MEDIUM
CVSS:6.5(Medium)

Multiple directory traversal vulnerabilities in Home FTP Server 1.10.1.139 allow remote authenticated users to (1) create arbitrary directories via directory traversal sequences in an MKD command or (...

CWE-222009

CVE-2009-4449

MEDIUM
CVSS:6.5(Medium)

Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.4.10, and possibly earlier versions, when changing the user avatar from the gallery, allows remote authenticated users to determine th...

CWE-222009

CVE-2011-4350

MEDIUM
CVSS:6.5(Medium)

Yaws 1.91 has a directory traversal vulnerability in the way certain URLs are processed. A remote authenticated user could use this flaw to obtain content of arbitrary local files via specially-crafte...

CWE-222011

CVE-2013-1597

MEDIUM
CVSS:6.5(Medium)

A Directory Traversal vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via a specially crafted GET request, which could let a malicious user obtain user credentials.

CWE-222013

CVE-2013-1891

MEDIUM
CVSS:6.5(Medium)

In OpenCart 1.4.7 to 1.5.5.1, implemented anti-traversal code in filemanager.php is ineffective and can be bypassed.

CWE-222013

CVE-2013-3993

MEDIUM
CVSS:6.5(Medium)

IBM InfoSphere BigInsights before 2.1.0.3 allows remote authenticated users to bypass intended file and directory restrictions, or access untrusted data or code, via crafted parameters in unspecified ...

CWE-222013