Lucene search
Veracode Vulnerability DatabaseVERACODE:32794HistoryNov 03, 2021 - 12:37 p.m.
Directory Traversal
2021-11-0312:37:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
civetweb
directory traversal
file upload
EPSS
0.004
Percentile
75.2%
civetweb is vulnerable to directory traversal. The vulnerability exists due to lack of sanitization of uploaded filepaths when using the built-in HTTP form-based file upload mechanism, via the mg_handle_form_request API. Web applications that use the file upload form handler, and use parts of the user-controlled filename in the output path.
Related
redhatcve
redhatcve
CVE-2020-27304
2021-10-22 13:50:43
nvd
nvd
CVE-2020-27304
2021-10-21 16:15:07
cve
cve
CVE-2020-27304
2021-10-21 16:15:07
nessus
nessus
Siemens SCALANCE LPE9403 Path Traversal (CVE-2020-27304)
2024-01-15 00:00:00
openSUSE 15 Security Update : civetweb (openSUSE-SU-2021:1424-1)
2021-11-01 00:00:00
Photon OS 3.0: Falco PHSA-2023-3.0-0599
2024-07-24 00:00:00
suse
suse
Security update for civetweb (moderate)
2021-10-31 00:00:00
Security update for MozillaFirefox (moderate)
2022-05-18 00:00:00
prion
prion
Directory traversal
2021-10-21 16:15:00
ubuntucve
ubuntucve
CVE-2020-27304
2021-10-21 00:00:00
debiancve
debiancve
CVE-2020-27304
2021-10-21 16:15:07
openvas
openvas
openSUSE: Security Advisory for civetweb (openSUSE-SU-2021:1424-1)
2021-11-01 00:00:00
osv
osv
CVE-2020-27304
2021-10-21 16:15:07
cbl_mariner
cbl_mariner
CVE-2020-27304 affecting package ceph for versions less than 18.2.1-1
2024-04-17 22:02:46
cvelist
cvelist
CVE-2020-27304
2021-10-21 15:42:23
photon
photon
Critical Photon OS Security Update - PHSA-2023-4.0-0410
2023-06-16 00:00:00
Critical Photon OS Security Update - PHSA-2023-3.0-0599
2023-06-17 00:00:00
ics
ics
Siemens SCALANCE LPE9403 Third-Party Vulnerabilities
2022-06-16 12:00:00
Siemens SINEC INS
2022-03-10 12:00:00
redhat
redhat
(RHSA-2021:4902) Moderate: ACS 3.67 security and enhancement update
2021-12-01 16:08:19