CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

RedhatCVE•added 2026/01/28 9:16 p.m.•3 views

CVE-2020-36939

Cassandra Web 0.5.0 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating path traversal parameters. Attackers can exploit the disabled Rack::Protection module to read sensitive system files like /etc/passwd and retrieve Apache...

8.7CVSS6AI score0.58885EPSS

Exploits0References1

OSV•added 2026/01/27 4:16 p.m.•0 views

CVE-2020-36939

7.5CVSS7.4AI score0.58885EPSS

Exploits0References4

NVD•added 2026/01/27 4:16 p.m.•4 views

CVE-2020-36939

8.7CVSS0.58885EPSS

Exploits0References4

Cvelist•added 2026/01/27 3:23 p.m.•50 views

CVE-2020-36939 Cassandra Web 0.5.0 - Remote File Read

8.7CVSS0.58885EPSS

Exploits0References4

EUVD•added 2026/01/27 3:23 p.m.•2 views

EUVD-2020-30857

8.7CVSS6AI score0.58885EPSS

Exploits0References4

ATTACKERKB•added 2026/01/27 3:23 p.m.•3 views

CVE-2020-36939

8.7CVSS6AI score0.58885EPSS

Exploits0References5Affected Software1

CVE•added 2026/01/27 3:23 p.m.•7 views

CVE-2020-36939

CVE-2020-36939 affects Cassandra Web 0.5.0. A directory traversal vulnerability arises from the disabled Rack::Protection module, allowing unauthenticated attackers to read arbitrary files (e.g., /etc/passwd) and potentially exfiltrate sensitive credentials. Affected component: web server handlin...

8.7CVSS6AI score0.58885EPSS

Exploits0References4

Vulnrichment•added 2026/01/27 3:23 p.m.•1 views

CVE-2020-36939 Cassandra Web 0.5.0 - Remote File Read

8.7CVSS6AI score0.58885EPSS

Exploits0References4

CNNVD•added 2026/01/27 12:0 a.m.•1 views

Cassandra Web path traversal vulnerability

Cassandra Web is a web interface developed by Bulat Shakirzyanov. Version 0.5.0 of Cassandra Web has a path traversal vulnerability, which arises from improper handling of path traversal parameters, potentially allowing access to arbitrary files...

8.7CVSS5.9AI score0.58885EPSS

Exploits0References5

Positive Technologies•added 2026/01/27 12:0 a.m.•5 views

PT-2026-4921

8.7CVSS6AI score0.58885EPSS

Exploits0References5

Packet Storm•added 2024/09/01 12:0 a.m.•398 views

Cassandra Web File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cassandra Web File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in Cassandra...

7.4AI score

Exploits0

Metasploit•added 2022/08/29 6:2 p.m.•227 views

Cassandra Web File Read Vulnerability

This module exploits an unauthenticated directory traversal vulnerability in Cassandra Web 'Cassandra Web' version 0.5.0 and earlier, allowing arbitrary file read with the web server privileges. This vulnerability occurred due to the disabled Rack::Protection module Module Options msf use...

7.2AI score

Exploits0

Exploit DB•added 2021/01/05 12:0 a.m.•386 views

Cassandra Web 0.5.0 - Remote File Read

Exploit Title: Cassandra Web 0.5.0 - Remote File Read Date: 12-28-2020 Exploit Author: Jeremy Brown Vendor Homepage: https://github.com/avalanche123/cassandra-web Software Link: https://rubygems.org/gems/cassandra-web/versions/0.5.0 Version: 0.5.0 Tested on: Linux !/usr/bin/python -- coding: UTF-...

7.4AI score

Exploits0

Packet Storm•added 2020/12/29 12:0 a.m.•542 views

Cassandra Web 0.5.0 Remote File Read

!/usr/bin/python -- coding: UTF-8 -- cassmoney.py Cassandra Web 0.5.0 Remote File Read Exploit Jeremy Brown jbrown3264/gmail Dec 2020 Cassandra Web is vulnerable to directory traversal due to the disabled Rack::Protection module. Apache Cassandra credentials are passed via the CLI in order for th...

0.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by