CVE-2016-4323

LOW Year: 2016
CVSS v3 Score
3.7
Low
CVSS v2 Score
5.8
Medium
Weakness Type
CWE-22
View all →

Vulnerability Description

A directory traversal exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an overwrite of files. A malicious server or someone with access to the network traffic can provide an invalid filename for a splash image triggering the vulnerability.

Related Vulnerabilities

CVE-2023-40160

LOW
CVSS:3.7(Low)

Directory traversal vulnerability exists in Mailing List Search CGI (pmmls.exe) included in A.K.I Software's PMailServer/PMailServer2 products. If this vulnerability is exploited, a remote attacker ma...

CWE-222023

CVE-2024-1433

LOW
CVSS:3.7(Low)

A vulnerability, which was classified as problematic, was found in KDE Plasma Workspace up to 5.93.0. This affects the function EventPluginsManager::enabledPlugins of the file components/calendar/even...

CWE-222024

CVE-2024-42408

MEDIUM
CVSS:3.7(Low)

The InfoScan client download page can be intercepted with a proxy, to expose filenames located on the system, which could lead to additional information exposure.

CWE-222024

CVE-2025-32943

LOW
CVSS:3.7(Low)

The vulnerability allows any authenticated user to leak the contents of arbitrary “.m3u8” files from the PeerTube server due to a path traversal in the HLS endpoint.

CWE-222025

CVE-2021-24242

LOW
CVSS:3.8(Low)

The Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.8 is affected by a local file inclusion vulnerability through the maliciously constructed sub_page parameter of the plu...

CWE-222021

CVE-2022-27621

LOW
CVSS:3.8(Low)

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology USB Copy before 2.2.0-1086 allows remote authenticated users to read or wri...

CWE-222022