350 matches found
CVE-2023-23838 Directory traversal and file enumeration vulnerability: Database Performance Analyzer (DPA) 2023.1
Directory traversal and file enumeration vulnerability which allowed users to enumerate to different folders of the server...
Debian: Security Advisory (DLA-695-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2018-15750
Directory Traversal vulnerability in salt-api in SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allows remote attackers to determine which files exist on the server...
Unraveling the techniques of Mac ransomware
Ransomware continues to be one of the most prevalent and impactful threats affecting organizations, with attackers constantly evolving their techniques and expanding their tradecraft to cast a wider net of potential targets. This is evident in the range of industries, systems, and platforms...
Unraveling the techniques of Mac ransomware
Ransomware continues to be one of the most prevalent and impactful threats affecting organizations, with attackers constantly evolving their techniques and expanding their tradecraft to cast a wider net of potential targets. This is evident in the range of industries, systems, and platforms...
CVE-2022-36081 Wikmd vulnerable to Local File Enumeration when accessing /list
Wikmd is a file based wiki that uses markdown. Prior to version 1.7.1, Wikmd is vulnerable to path traversal when accessing /list/ and discloses lists of files located on the server including sensitive data. Version 1.7.1 fixes this issue...
CVE-2022-36081 Wikmd vulnerable to Local File Enumeration when accessing /list
Wikmd is a file based wiki that uses markdown. Prior to version 1.7.1, Wikmd is vulnerable to path traversal when accessing /list/ and discloses lists of files located on the server including sensitive data. Version 1.7.1 fixes this issue...
GooFuzz - Tool To Perform Fuzzing With An OSINT Approach, Managing To Enumerate Directories, Files, Subdomains Or Parameters Without Leaving Evidence On The Target's Server With Google Dorking
Credits Author: M3n0sD0n4ld Twitter: @DavidUton Description: GooFuzz is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories without making requests to the web server. Download and install: $ git clone...
Design/Logic Flaw
As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core MDCore before 5.1.2 could allow an authenticated user to enumerate filenames on the server...
CVE-2022-0779
The User Meta WordPress plugin before 2.4.4 does not validate the filepath parameter of its umshowuploadedfile AJAX action, which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads...
CVE-2022-0779
The User Meta WordPress plugin before 2.4.4 does not validate the filepath parameter of its umshowuploadedfile AJAX action, which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads...
CVE-2022-0779 User Meta < 2.4.4 - Subscriber+ Local File Enumeration via Path Traversal
The User Meta WordPress plugin before 2.4.4 does not validate the filepath parameter of its umshowuploadedfile AJAX action, which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads...
WordPress plugin User Meta Manager 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The WordPress plugin is an application plugin. A path traversal vulnerability exists in versions of the WordPress User Meta Manager plugin prior to...
WordPress User Meta plugin <= 2.4.3 - Local File Enumeration via Path Traversal vulnerability
Local File Enumeration via Path Traversal vulnerability discovered by Julien Ahrens in WordPress User Meta plugin versions = 2.4.3. Solution Update the WordPress User Meta plugin to the latest available version at least 2.4.4...
User Meta < 2.4.4 - Subscriber+ Local File Enumeration via Path Traversal
The plugin does not validate the filepath parameter of its umshowuploadedfile AJAX action, which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads PoC As a subscriber, submit a dummy image on a page/post with a File Uplo...
User Meta < 2.4.4 - Subscriber+ Local File Enumeration via Path Traversal
The plugin does not validate the filepath parameter of its umshowuploadedfile AJAX action, which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads As a subscriber, submit a dummy image on a page/post with a File Upload...
CVE-2022-24485
Win32 File Enumeration Remote Code Execution Vulnerability...
CVE-2022-24485
Win32 File Enumeration Remote Code Execution Vulnerability...
CVE-2022-24485
Win32 File Enumeration Remote Code Execution Vulnerability...
Remote code execution
Win32 File Enumeration Remote Code Execution Vulnerability...