CVE-2024-41511

LOW Year: 2024
CVSS v3 Score
3.9
Low
Weakness Type
CWE-22
View all →

Vulnerability Description

A Path Traversal (Local File Inclusion) vulnerability in "BinaryFileRedirector.ashx" in CADClick v1.11.0 and before allows remote attackers to retrieve arbitrary local files via the "path" parameter.

Related Vulnerabilities

CVE-2020-11736

LOW
CVSS:3.9(Low)

fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the ...

CWE-222020

CVE-2017-18824

MEDIUM
CVSS:4.0(Medium)

Certain NETGEAR devices are affected by directory traversal. This affects M4300-28G before 12.0.2.15, M4300-52G before 12.0.2.15, M4300-28G-POE+ before 12.0.2.15, M4300-52G-POE+ before 12.0.2.15, M430...

CWE-222017

CVE-2021-24242

LOW
CVSS:3.8(Low)

The Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.8 is affected by a local file inclusion vulnerability through the maliciously constructed sub_page parameter of the plu...

CWE-222021

CVE-2022-27621

LOW
CVSS:3.8(Low)

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology USB Copy before 2.2.0-1086 allows remote authenticated users to read or wri...

CWE-222022

CVE-2023-41044

LOW
CVSS:3.8(Low)

Graylog is a free and open log management platform. A partial path traversal vulnerability exists in Graylog's `Support Bundle` feature. The vulnerability is caused by incorrect user input validation ...

CWE-222023

CVE-2024-36795

MEDIUM
CVSS:4.0(Medium)

Insecure permissions in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to access URLs and directories embedded within the firmware via unspecified vectors.

CWE-222024