Lucene search
+L

522 matches found

NVD
NVD
added 2022/02/09 10:15 p.m.32 views

CVE-2022-23621

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with SCRIPT right can read any file located in the XWiki WAR for example xwiki.cfg and xwiki.properties through XWikiinvokeServletAndReturnAsString as...

5.5CVSS0.00935EPSS
Exploits0References3
CVE
CVE
added 2022/02/04 11:24 a.m.91 views

CVE-2022-23316

taoCMS v3.0.2 contains an arbitrary file read vulnerability in the admin download path. The issue can be exploited via admin.php?action=file&ctrl=download&path=../../1.txt to read arbitrary files, indicating a path-traversal flaw in the file download handler. Impact centers on confidentiality (re...

4.9CVSS5.2AI score0.01017EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/01/06 11:37 a.m.52 views

CVE-2021-44351

CVE-2021-44351 affects NavigateCMS 2.9. The vulnerability is an arbitrary file read via /navigate/navigate_download.php id parameter due to improper validation in the navigate_download.php handler. The root cause is insufficient input validation of the id parameter in that file, enabling an attac...

7.5CVSS7.4AI score0.01775EPSS
Exploits1References1Affected Software1
Packet Storm
Packet Storm
added 2022/01/05 12:0 a.m.227 views

TermTalk Server 3.24.0.2 Arbitrary File Read

Exploit Title: TermTalk Server 3.24.0.2 - Arbitrary File Read Unauthenticated Date: 03/01/2022 Exploit Author: Fabiano Golluscio @ Swascan Vendor Homepage: https://www.solari.it/it/ Software Link: https://www.solari.it/it/solutions/other-solutions/access-control/ Version: 3.24.0.2 Fixed Version:...

0.2AI score
Exploits0
CVE
CVE
added 2022/01/03 12:35 p.m.52 views

CVE-2021-44674

CVE-2021-44674 affects Opmantek Open-AudIT 4.2.0. The vulnerability is an information exposure via a path traversal issue that allows an authenticated attacker to read files outside of restricted directories. The NVD entry notes network access with low attack complexity and the ability to read re...

6.5CVSS6.1AI score0.01038EPSS
Exploits0References2Affected Software1
GithubExploit
GithubExploit
added 2021/12/13 5:26 p.m.837 views

Exploit for CVE-2021-43008

CVE-2021-43008 - AdminerRead Exploit tool for Adminer 1...

7.5CVSS7.5AI score0.13641EPSS
Exploits4
The Hacker News
The Hacker News
added 2021/11/30 9:11 a.m.142 views

Unpatched Unauthorized File Read Vulnerability Affects Microsoft Windows OS

Unofficial patches have been issued to remediate an improperly patched Windows security vulnerability that could allow information disclosure and local privilege escalation LPE on vulnerable systems. Tracked as CVE-2021-24084 CVSS score: 5.5, the flaw concerns an information disclosure...

7.8CVSS0.5AI score0.20099EPSS
Exploits2
BDU FSTEC
BDU FSTEC
added 2021/11/16 12:0 a.m.10 views

The vulnerability of the “BKBCopyD.exe” service in Yokogawa’s software products allows a hacker to read arbitrary files using the RETR operation, write to arbitrary files using the STOR operation, or obtain confidential database location information using the PMODE operation.

The vulnerability of the “BKBCopyD.exe” service in Yokogawa’s software products is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to read arbitrary files using the RETR operation, write to arbitrary files using the STOR operation, or obtain...

7.5CVSS5.6AI score0.22543EPSS
Exploits3References3
CNNVD
CNNVD
added 2021/11/02 12:0 a.m.6 views

Fortinet FortiPortal代码问题漏洞

Fortinet FortiPortal is an advanced, feature-rich hosted security analysis and management support tool for Fortinet's FortiGate, FortiWiFi and FortiAP product lines, available as a virtual machine for use by MSPs. The vulnerability stems from an improper restriction of the XML external entity...

8.1CVSS5.8AI score0.008EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/09/09 1:30 a.m.19 views

CVE-2021-32833 Unauthenticated file read in Emby Server

Emby Server is a personal media server with apps on many devices. In Emby Server on Windows there is a set of arbitrary file read vulnerabilities. This vulnerability is known to exist in version 4.6.4.0 and may not be patched in later versions. Known vulnerable routes are...

8.6CVSS8.7AI score0.01273EPSS
Exploits1References1
Prion
Prion
added 2021/08/30 6:15 p.m.29 views

Information disclosure

The vRealize Operations Manager API 8.x prior to 8.5 contains an arbitrary file read vulnerability. A malicious actor with administrative access to vRealize Operations Manager API can read any arbitrary file on server leading to information disclosure...

4CVSS5.7AI score0.01134EPSS
Exploits0References1Affected Software3
CVE
CVE
added 2021/08/30 5:53 p.m.75 views

CVE-2021-22022

Summary (CVE-2021-22022) : VMware vRealize Operations Manager API (versions 8.x before 8.5) contains an arbitrary file read vulnerability. An attacker with administrative access to the vROps API can read arbitrary files on the server, causing information disclosure. The issue is tied to the vROps...

4.9CVSS5.9AI score0.01134EPSS
Exploits0References1Affected Software3
ATTACKERKB
ATTACKERKB
added 2021/08/12 12:0 a.m.23 views

CVE-2021-26086

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint. The affected versions are before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.16.1...

5.3CVSS6.8AI score0.99999EPSS
In wildExploits6References3
Cvelist
Cvelist
added 2021/08/03 12:0 a.m.26 views

CVE-2021-26085

Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3...

5.8AI score0.99937EPSS
Exploits6References2
NVD
NVD
added 2021/06/01 2:15 p.m.30 views

CVE-2021-33184

Server-Side request forgery SSRF vulnerability in task management component in Synology Download Station before 3.8.15-3563 allows remote authenticated users to read arbitrary files via unspecified vectors...

7.7CVSS0.01EPSS
Exploits0References1
CNVD
CNVD
added 2021/05/19 12:0 a.m.8 views

Arbitrary File Read Vulnerability in H3C SecPath ACG1000

The H3C SecPath ACG1000 is a next-generation application control gateway. An arbitrary file read vulnerability exists in the H3C SecPath ACG1000. An attacker can exploit the vulnerability to read arbitrary files...

7AI score
Exploits0
Hacker One
Hacker One
added 2021/05/13 11:37 p.m.200 views

Sifchain: Path Transversal inside saveContracts.js

Reference: https://portswigger.net/web-security/file-path-traversal Directory traversal also known as file path traversal is a web security vulnerability that allows an attacker to read arbitrary files on the server that is running an application. This might include application code and data,...

7.1AI score
Exploits0
CNVD
CNVD
added 2021/05/10 12:0 a.m.3 views

Arbitrary File Read Vulnerability in BlueLine's New Generation Digital OA (Large and Medium Enterprises) EKP

Shenzhen BlueLine Software Co., Ltd. is a well-known large-platform OA service provider and a leading knowledge management solution provider in China, which is a national high-tech enterprise specializing in knowledge-based consulting, software R&D, implementation and technical services for...

7AI score
Exploits0
CNVD
CNVD
added 2021/05/06 12:0 a.m.1 views

Arbitrary File Read Vulnerability in Dahua In-vehicle Integrated Management Platform of Zhejiang Huaruijie Technology Co.

Ltd. is a subsidiary of Zhejiang Dahua Technology Co., Ltd. and the company's business scope: technical services, technology development, manufacturing of automobile parts and accessories; wholesale of automobiles and spare parts; retail of automobile parts and accessories; manufacturing of...

7AI score
Exploits0
seebug.org
seebug.org
added 2021/05/06 12:0 a.m.40 views

蓝凌OA前台任意文件读取漏洞

...

0.3AI score
Exploits0
Rows per page
Query Builder