CVE-2024-49249

HIGH Year: 2024
CVSS v3 Score
8.6
High
Weakness Type
CWE-35
View all →

Vulnerability Description

Path Traversal vulnerability in SMSA Express SMSA Shipping allows Path Traversal.This issue affects SMSA Shipping: from n/a through 2.3.

Related Vulnerabilities

CVE-2024-21575

CRITICAL
CVSS:8.6(High)

ComfyUI-Impact-Pack is vulnerable to Path Traversal. The issue stems from missing validation of the `image.filename` field in a POST request sent to the `/upload/temp` endpoint added by the extension ...

CWE-352024

CVE-2024-52447

HIGH
CVSS:8.6(High)

Path Traversal: '.../...//' vulnerability in Corporate Zen Contact Page With Google Map allows Path Traversal.This issue affects Contact Page With Google Map: from n/a through 1.6.1.

CWE-352024

CVE-2024-56049

HIGH
CVSS:8.5(High)

Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5.2.

CWE-352024

CVE-2024-56055

HIGH
CVSS:8.5(High)

Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5.2.

CWE-352024

CVE-2023-46690

HIGH
CVSS:8.8(High)

In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an attacker to write to any file to any location of the filesystem, which could lead to remote code execution.

CWE-352023

CVE-2023-5800

HIGH
CVSS:8.8(High)

Vintage, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay.cgi did not have a sufficient input validation allowing for a possible remote code execution. This flaw c...

CWE-352023