545 matches found
CVE-2018-8026
CVE-2018-8026 affects Apache Solr releases 6.0.0–6.6.4 and 7.0.0–7.3.1, due to an XML External Entity (XXE) flaw in Solr config files (currency.xml, enumsConfig.xml referenced from schema.xml, and TIKA parsecontext) and related XInclude handling. An attacker could craft XML and upload manipulated...
CVE-2018-8026
This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion XXE in Solr config files currency.xml, enumsConfig.xml referred from schema.xml, TIKA parsecontext config file. In addition, Xinclude functionality provided in these config files is als...
DEBIAN-CVE-2018-12356
An issue was discovered in password-store.sh in pass in Simple Password Store 1.7.x before 1.7.2. The signature verification routine parses the output of GnuPG with an incomplete regular expression, which allows remote attackers to spoof file signatures on configuration files and extension script...
Code Execution Vulnerability in DocCms 2016 Version
DocCMS rice husk enterprise building system, also known as rice husk cms, doccms, formerly known as deep throat enterprise building system ShlCms, is the industry's leading free open source enterprise website building system, enterprise website generation system. A code execution vulnerability...
XML External Entity (XXE)
Apache Solr is vulnerable to XML enternal entity XXE injection. The attack is possible because Solr config files are accessible through API if Xinclude is enabled. Using file/ftp/http protocols, arbitrary files from the Solr server can be exposed...
CVE-2018-8010
This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relates to an XML external entity expansion XXE in Solr config files solrconfig.xml, schema.xml, managed-schema. In addition, Xinclude functionality provided in these config files is also affected in a similar way. The vulnerability...
CVE-2018-8010
This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relates to an XML external entity expansion XXE in Solr config files solrconfig.xml, schema.xml, managed-schema. In addition, Xinclude functionality provided in these config files is also affected in a similar way. The vulnerability...
CVE-2018-8010
This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relates to an XML external entity expansion XXE in Solr config files solrconfig.xml, schema.xml, managed-schema. In addition, Xinclude functionality provided in these config files is also affected in a similar way. The vulnerability...
CVE-2018-8010
This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relates to an XML external entity expansion XXE in Solr config files solrconfig.xml, schema.xml, managed-schema. In addition, Xinclude functionality provided in these config files is also affected in a similar way. The vulnerability...
IBM Tivoli Application Dependency Discovery Manager for Unix Information Disclosure Vulnerability
IBM Tivoli Application Dependency Discovery Manager for Unix TADDM is a U.S.-based IBM product in a suite of IT service management solutions for the Unix platform that provides robust automated application mapping and discovery to help administrators understand business application structure,...
Code Execution Vulnerability in CmsEasy v5.7
CMSeasy is a web content management system based on PHP+Mysql architecture and a PHP development platform. The use of modular development, easy to use features easy to expand, can be oriented to large and medium-sized sites to provide heavyweight website construction solutions. CmsEasy v5.7 versi...
CVE-2017-15236
Tiandy IP cameras 5.56.17.120 do not properly restrict a certain proprietary protocol, which allows remote attackers to read settings via a crafted request to TCP port 3001, as demonstrated by config files and extendword.txt...
Intelbras WRN 150 Security Bypass Vulnerability
Intelbras WRN 150 devices is a wireless router from Intelbras Brazil. A security vulnerability exists in the Intelbras WRN 150 devices. A remote attacker can exploit the vulnerability to read configuration files with the help of a direct request, thereby bypassing authentication...
Arbitrary File Download Vulnerability in javaee Forum System
javaee forum system is a free open source javaee forum source code system , using springMVC mybatis framework development. javaee forum system has an arbitrary file download vulnerability , an attacker can forge files through the path in the request to download the site configuration or system...
Roundcube Webmail Information Disclosure Vulnerability (CNVD-2017-08084)
RoundCube Webmail is a browser-based IMAP client mail client that supports address book management, message searching, spell checking and more. An information disclosure vulnerability exists in Roundcube Webmail version 1.1.x before 1.1.2. A remote attacker can exploit this vulnerability by readi...
NETGEAR DGN2200v1v2v3v4 - dnslookup.cgi Remote Command Execution
NETGEAR DGN2200v1v2v3v4 - dnslookup.cgi Remote Command Execution !/usr/bin/python Provides access to default user account, privileges can be easily elevated by using either: - a kernel exploit ex. memodipper was tested and it worked - by executing /bin/bd suid backdoor present on SOME but not all...
CVE-2016-9357
An issue was discovered in certain legacy Eaton ePDUs -- the affected products are past end-of-life EoL and no longer supported: EAMxxx prior to June 30, 2015, EMAxxx prior to January 31, 2014, EAMAxx prior to January 31, 2014, EMAAxx prior to January 31, 2014, and ESWAxx prior to January 31, 201...
CVE-2016-8346
An issue was discovered in Moxa EDR-810 Industrial Secure Router. By accessing a specific uniform resource locator URL on the web server, a malicious user is able to access configuration and log files PRIVILEGE ESCALATION...
CVE-2015-5013
The IBM Security Access Manager appliance includes configuration files that contain obfuscated plaintext-passwords which authenticated users can access...
tomcat: tomcat writable config files allow privilege escalation
It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges...