3164 matches found
CVE-2021-22013
The vCenter Server contains a file path traversal vulnerability leading to information disclosure in the appliance management API. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information...
CVE-2021-22013
CVE-2021-22013 is a path traversal vulnerability in VMware vCenter Server’s appliance management API that could allow an unauthenticated attacker with network access to port 443 to read arbitrary files, leading to information disclosure. Affected software is vCenter Server; root cause is improper...
WordPress 3DPrint Lite 1.9.1.4 Shell Upload
Exploit Title: Wordpress Plugin 3DPrint Lite 1.9.1.4 - Arbitrary File Upload Google Dork: inurl:/wp-content/plugins/3dprint-lite/ Date: 22/09/2021 Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugins/3dprint-lite/ Version: spacehen www.github.com/spacehen" def printusage:...
VMware vCenter Server Appliance External Control of File Path Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of VMware vCenter Server Appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of jsonrpc messages. A crafted request can...
IBM Sterling File Gateway Information Disclosure Vulnerability
IBM Sterling File Gateway is a suite of file transfer software from IBM Corporation. The software integrates different file transfer activity centers and helps file-based data to be securely exchanged over the Internet. An information disclosure vulnerability exists in IBM Sterling File Gateway,...
VMware vCenter Server updates address multiple security vulnerabilities
3a. vCenter Server file upload vulnerability CVE-2021-22005 The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. 3b. vCenter Server...
Design/Logic Flaw
The BulletProof Security WordPress plugin is vulnerable to sensitive information disclosure due to a file path disclosure in the publicly accessible /db_backup_log.txt file which grants attackers the full path of the site, in addition to the path of database backup files. This affects versions up t...
CVE-2021-39327 BulletProof Security <= 5.1 Sensitive Information Disclosure
The BulletProof Security WordPress plugin is vulnerable to sensitive information disclosure due to a file path disclosure in the publicly accessible /db_backup_log.txt file which grants attackers the full path of the site, in addition to the path of database backup files. This affects versions up t...
CVE-2021-39327
Summary: CVE-2021-39327 affects the BulletProof Security WordPress plugin up to version 5.1, causing a sensitive information disclosure via a publicly accessible file path disclosure in ~/db_backup_log.txt. This reveals the site’s full path and database backup file paths. Impact (as stated): Atta...
PT-2021-22534 · WordPress · Bulletproof Security
Name of the Vulnerable Software and Affected Versions: BulletProof Security WordPress plugin versions up to, and including, 5.1 Description: The issue concerns sensitive information disclosure due to a file path disclosure in the publicly accessible /db_backup_log.txt file. This grants attackers...
WordPress Plugin Information Disclosure Vulnerability
WordPress Plugin is an open source application plugin for WordPress. The WordPress plugin BulletProof Security suffers from an information disclosure vulnerability that stems from the fact that the BulletProof Security plugin for WordPress can easily disclose sensitive information due to a file...
BulletProof Security < 5.2 - Sensitive Information Disclosure
The plugin is vulnerable to sensitive information disclosure due to a file path disclosure in the publicly accessible /db_backup_log.txt file which grants attackers the full path of the site, in addition to the path of database backup files. PoC...
Huawei EulerOS: Security Advisory for perl-File-Path (EulerOS-SA-2021-2422)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : perl-File-Path (EulerOS-SA-2021-2422)
According to the version of the perl-File-Path package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on...
Remote Mouse Directory Traversal Vulnerability
Remote Mouse is a remote mouse control software. Remote Mouse suffers from a directory traversal vulnerability that originates when a networked system or product fails to properly filter special elements in a resource or file path. An attacker could exploit the vulnerability to access locations...
CVE-2020-20340
A SQL injection vulnerability in the 4.edu.php\conn\function.php component of S-CMS v1.0 allows attackers to access sensitive database information...