2867 matches found
Design/Logic Flaw
SonicWall GMS is vulnerable to file path manipulation resulting that an unauthenticated attacker can gain access to web directory containing application's binaries and configuration files...
GMS File Path Manipulation
An unauthenticated attacker can gain access to web directory containing application's binaries and configuration files through file path manipulation vulnerability. CVE: CVE-2021-20030 Last updated: Oct. 13, 2022, 9:40 a.m...
SonicWALL Global Management System 路径遍历漏洞
The SonicWALL Global Management System GMS is a global management system from SonicWALL USA. The system enables rapid deployment and centralized management of Dell SonicWALL firewall, anti-spam, backup and recovery, and secure remote access solutions. A security vulnerability exists in the...
CVE-2021-20030
SonicWall GMS is vulnerable to file path manipulation resulting that an unauthenticated attacker can gain access to web directory containing application's binaries and configuration files...
PT-2022-9165 · Sonicwall · Sonicwall Gms
Name of the Vulnerable Software and Affected Versions: SonicWall GMS affected versions not specified Description: The issue allows an unauthenticated attacker to gain access to the web directory containing the application's binaries and configuration files through file path manipulation...
PT-2022-6707 · Juniper Networks · Junos Evolved
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS Evolved versions prior to 20.4R3-S1-EVO Juniper Networks Junos OS Evolved version 21.1-EVO Juniper Networks Junos OS Evolved versions prior to 21.2R3-EVO Juniper Networks Junos OS Evolved versions prior to 21.3R2-EVO...
Information Disclosure
fwupd is vulnerable to information disclosure. The vulnerability exists when creating an OPERATOR user account on the BMC, allowing an attacker to read the the configuration files on the system...
CVE-2022-34002
The ‘document’ parameter of PDS Vista 7’s /application/documents/display.aspx page is vulnerable to a Local File Inclusion vulnerability which allows an low-privileged authenticated attacker to leak the configuration files and source code of the web application...
CVE-2022-34002
The ‘document’ parameter of PDS Vista 7’s /application/documents/display.aspx page is vulnerable to a Local File Inclusion vulnerability which allows an low-privileged authenticated attacker to leak the configuration files and source code of the web application...
Design/Logic Flaw
The ‘document’ parameter of PDS Vista 7’s /application/documents/display.aspx page is vulnerable to a Local File Inclusion vulnerability which allows an low-privileged authenticated attacker to leak the configuration files and source code of the web application...
CVE-2022-34002
The ‘document’ parameter of PDS Vista 7’s /application/documents/display.aspx page is vulnerable to a Local File Inclusion vulnerability which allows an low-privileged authenticated attacker to leak the configuration files and source code of the web application...
Web Port 授权问题漏洞
Web Port is a web-based SCADA data acquisition and monitoring system and HMI human machine interface system. A security vulnerability exists in Cynet 360 Web Portal versions prior to v4.5, which stems from a vulnerability that allows an attacker to access a list of excluded files and configuratio...
Web Port 授权问题漏洞
Web Port is a web-based SCADA data acquisition and monitoring system and HMI human machine interface system. A security vulnerability exists in Cynet 360 Web Portal versions prior to v4.5, which stems from a vulnerability that allows an attacker to access a list of excluded files and configuratio...
Web Port 授权问题漏洞
Web Port is a web-based SCADA data acquisition and monitoring system and HMI human machine interface system. A security vulnerability exists in Cynet 360 Web Portal versions prior to v4.5, which stems from a vulnerability that allows an attacker to access a list of excluded files and configuratio...
CVE-2020-14379
A flaw was found in Red Hat AMQ Broker in a way that a XEE attack can be done via Broker's configuration files, leading to denial of service and information disclosure...
CVE-2020-14379
A flaw was found in Red Hat AMQ Broker in a way that a XEE attack can be done via Broker's configuration files, leading to denial of service and information disclosure...
CVE-2020-14379
A flaw was found in Red Hat AMQ Broker in a way that a XEE attack can be done via Broker's configuration files, leading to denial of service and information disclosure...
Zimbra 安全漏洞
Zimbra is an open source email collaboration platform from Zimbra, Inc. in the United States. Zimbra suffers from a security vulnerability that stems from its sudo configuration that allows a user to execute zmslapd binaries as the root user with arbitrary parameters. As part of its intended...
Design/Logic Flaw
With this vulnerability an attacker can read many sensitive files like configuration files, or the /proc/self/environ file, that contains the environment variable used by the web server that includes database credentials. If the web server user is root, an attacker will be able to read any file i...
CVE-2022-2653
The CVE-2022-2653 entry maps to a path traversal vulnerability in plankanban/planka (planka) that enables an attacker to read sensitive files such as configuration files and /proc/self/environ when the web server runs as root. Affected component is the web-accessible endpoint that uses a filename...