CVE-2023-46496

HIGH Year: 2023
CVSS v3 Score
8.3
High
Weakness Type
CWE-22
View all →

Vulnerability Description

Directory Traversal vulnerability in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information via a crafted request to the DELETE function in api/files endpoint.

Related Vulnerabilities

CVE-2021-27275

HIGH
CVSS:8.3(High)

This vulnerability allows remote attackers to disclose sensitive information and delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authen...

CWE-222021

CVE-2021-29492

HIGH
CVSS:8.3(High)

Envoy is a cloud-native edge/middle/service proxy. Envoy does not decode escaped slash sequences `%2F` and `%5C` in HTTP URL paths in versions 1.18.2 and before. A remote attacker may craft a path wit...

CWE-222021

CVE-2023-42130

HIGH
CVSS:8.3(High)

A10 Thunder ADC FileMgmtExport Directory Traversal Arbitrary File Read and Deletion Vulnerability. This vulnerability allows remote attackers to read and delete arbitrary files on affected installatio...

CWE-222023

CVE-2024-21677

HIGH
CVSS:8.3(High)

This High severity Path Traversal vulnerability was introduced in version 6.13.0 of Confluence Data Center. This Path Traversal vulnerability, with a CVSS Score of 8.3, allows an unauthenticated attac...

CWE-222024

CVE-2024-23468

HIGH
CVSS:8.3(High)

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file dele...

CWE-222024

CVE-2024-27971

HIGH
CVSS:8.3(High)

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Premmerce Premmerce Permalink Manager for WooCommerce allows PHP Local File Inclusion.This issue affects...

CWE-222024