522 matches found
CVE-2017-14327
CVE-2017-14327 affects Extreme EXOS 16.x, 21.x, and 22.x, exposing an arbitrary file read vulnerability. The issue allows an administrator (privileges required: HIGH) with local access to read restricted files (confidentiality impact: HIGH; integrity/availability: none). The CVSS vector indicates...
FLIR Thermal Camera FFCPTD - Information Disclosure
FLIR Thermal Camera FFCPTD - Information Disclosure FLIR Systems FLIR Thermal Camera F/FC/PT/D Multiple Information Disclosures Vendor: FLIR Systems, Inc. Product web page: http://www.flir.com Affected version: Firmware version: 8.0.0.64 Software version: 10.0.2.43 Release: 1.4.1, 1.4, 1.3.4 GA,...
CVE-2017-11459
SAP TREX 7.10 allows remote attackers to 1 read arbitrary files via an fget command or 2 write to arbitrary files and consequently execute arbitrary code via an fdir command, aka SAP Security Note 2419592...
CVE-2017-11325
An issue was discovered in Tilde CMS 1.0.1. Arbitrary files can be read via a file=../ attack on actionphp/download.File.php...
CVE-2017-9833
/cgi-bin/wapopen in Boa 0.94.14rc21 allows the injection of “../..” using the FILECAMERA variable sent by GET to read files with root privileges. NOTE: multiple third parties report that this is a system-integrator issue e.g., a vulnerability on one type of camera because Boa does not include any...
CVE-2015-5382
program/steps/addressbook/photo.inc in Roundcube Webmail before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via the alt parameter when uploading a vCard...
eCommerce Shopsoftware XML External Entity Injection Vulnerability
eCommerce Shopsoftware eCommerce Shop Software is an open source online store system. An XML external entity injection vulnerability exists in the api/it-recht-kanzlei/api-it-recht-kanzlei.php file in eCommerce Shopsoftware version 2.0.2.2 rev 10690. An attacker could exploit this vulnerability t...
Apache FOP XML External Entity Injection Vulnerability
Apache FOP Formatting Object Processor is a U.S. Apache Apache Software Foundation by the XSL Formatting Object XSL-FO and output-independent formatting program driven by the print formatting program. It can read the Formatting Object FO tree and render the resulting page to the specified output...
GeoMoose <=2.9.2 /php/download.php parameter ext arbitrary file read vulnerability
No description provided by source...
Siemens RUGGEDCOM ROX I Arbitrary File Read Vulnerability
Siemens RuggedCom ROX-based firewall devices are used for device connectivity in harsh environments, such as substations, traffic management chassis, and more. An arbitrary file read vulnerability exists in Siemens RUGGEDCOM ROX I, which can be exploited by an attacker to read arbitrary files for...
McAfee VirusScan Enterprise File Read Vulnerability
McAfee VirusScan Enterprise is a suite of antivirus software from the American company McAfee. The software provides a full range of security protection, scans memory for malicious code and optimizes updates for remote systems. A file read vulnerability exists in VirusScan Enterprise for Linux VS...
Auto-Matrix Aspect-Nexus and Aspect-Matrix Building Automation Front-End Solutions File Containment Vulnerability
Auto-Matrix Aspect-Nexus and Aspect-Matrix Building Automation Front-End Solutions are Auto-Matrix USA's building automation front-end solutions for infrastructure, which are primarily deployed stateside in commercial facilities, critical manufacturing and energy and wastewater systems I&C. A...
Three Yuan up to the wireless AP WPB-5000 arbitrary file read vulnerability
No description provided by source...
China innovation LotApp application delivery systems /acc/route_mgmt/edit.php parameters id an arbitrary file read vulnerability
No description provided by source...
Alibaba Clone B2B Script - Arbitrary File Disclosure
Alibaba Clone B2B Script - Arbitrary File Disclosure Exploit Title: Alibaba Clone B2B Script File Read Vulnerability Date: 2016-06-22 Exploit Author: Meisam Monsef [email protected] or [email protected] Vendor Homepage: http://alibaba-clone.com/ Version: All Versions Tested on: CentOS and...
PHP File Read Vulnerability
PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A fi...
Ipswitch MOVEit DMZ and MOVEit Mobile File Read Vulnerabilities
Ipswitch MOVEit is an automated file transfer system from Ipswitch USA. DMZ and Mobile are among the versions. Ipswitch MOVEit DMZ and MOVEit Mobile have a security vulnerability in the 'Send as attachment' function due to the mobile/sendMsg URI failing to adequately filter the ' serverFileIds'...
Cisco Firepower 9000 Firepower Extensible Operating System File Read Vulnerability
The Cisco Firepower Extensible Operating System on Firepower 9000 is an operating system from Cisco that runs in the 9000 series firewall appliances. A security vulnerability in Cisco Firepower Extensible Operating System 1.1 1.160 on Cisco Firepower 9000 devices allows remote attackers to read...
CVE-2015-7314
The Precious module in gollum before 4.0.1 allows remote attackers to read arbitrary files by leveraging the lack of a certain temporary-file check...
CVE-2015-2412
Microsoft Internet Explorer 10 and 11 allows remote attackers to read arbitrary local files via a crafted pathname, aka "Internet Explorer Information Disclosure Vulnerability."...