Lucene search
+L

522 matches found

CVE
CVE
added 2017/10/23 8:0 a.m.54 views

CVE-2017-14327

CVE-2017-14327 affects Extreme EXOS 16.x, 21.x, and 22.x, exposing an arbitrary file read vulnerability. The issue allows an administrator (privileges required: HIGH) with local access to read restricted files (confidentiality impact: HIGH; integrity/availability: none). The CVSS vector indicates...

4.9CVSS4.8AI score0.00338EPSS
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2017/09/25 12:0 a.m.38 views

FLIR Thermal Camera FFCPTD - Information Disclosure

FLIR Thermal Camera FFCPTD - Information Disclosure FLIR Systems FLIR Thermal Camera F/FC/PT/D Multiple Information Disclosures Vendor: FLIR Systems, Inc. Product web page: http://www.flir.com Affected version: Firmware version: 8.0.0.64 Software version: 10.0.2.43 Release: 1.4.1, 1.4, 1.3.4 GA,...

Exploits0
OSV
OSV
added 2017/07/25 6:29 p.m.5 views

CVE-2017-11459

SAP TREX 7.10 allows remote attackers to 1 read arbitrary files via an fget command or 2 write to arbitrary files and consequently execute arbitrary code via an fdir command, aka SAP Security Note 2419592...

9.8CVSS6.1AI score0.02354EPSS
Exploits0References1
NVD
NVD
added 2017/07/24 1:29 p.m.25 views

CVE-2017-11325

An issue was discovered in Tilde CMS 1.0.1. Arbitrary files can be read via a file=../ attack on actionphp/download.File.php...

7.5CVSS7.4AI score0.01167EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2017/06/24 12:0 a.m.396 views

CVE-2017-9833

/cgi-bin/wapopen in Boa 0.94.14rc21 allows the injection of “../..” using the FILECAMERA variable sent by GET to read files with root privileges. NOTE: multiple third parties report that this is a system-integrator issue e.g., a vulnerability on one type of camera because Boa does not include any...

7.8CVSS7.6AI score0.68243EPSS
In wildExploits6References3
NVD
NVD
added 2017/05/23 4:29 a.m.18 views

CVE-2015-5382

program/steps/addressbook/photo.inc in Roundcube Webmail before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via the alt parameter when uploading a vCard...

6.5CVSS6.3AI score0.03312EPSS
Exploits0References6
CNVD
CNVD
added 2017/04/27 12:0 a.m.5 views

eCommerce Shopsoftware XML External Entity Injection Vulnerability

eCommerce Shopsoftware eCommerce Shop Software is an open source online store system. An XML external entity injection vulnerability exists in the api/it-recht-kanzlei/api-it-recht-kanzlei.php file in eCommerce Shopsoftware version 2.0.2.2 rev 10690. An attacker could exploit this vulnerability t...

10CVSS7.2AI score0.01086EPSS
Exploits0References1
CNVD
CNVD
added 2017/04/19 12:0 a.m.33 views

Apache FOP XML External Entity Injection Vulnerability

Apache FOP Formatting Object Processor is a U.S. Apache Apache Software Foundation by the XSL Formatting Object XSL-FO and output-independent formatting program driven by the print formatting program. It can read the Formatting Object FO tree and render the resulting page to the specified output...

7.9CVSS7.2AI score0.0296EPSS
Exploits1References1
seebug.org
seebug.org
added 2017/04/11 12:0 a.m.17 views

GeoMoose <=2.9.2 /php/download.php parameter ext arbitrary file read vulnerability

No description provided by source...

7.1AI score
Exploits0
CNVD
CNVD
added 2017/03/29 12:0 a.m.6 views

Siemens RUGGEDCOM ROX I Arbitrary File Read Vulnerability

Siemens RuggedCom ROX-based firewall devices are used for device connectivity in harsh environments, such as substations, traffic management chassis, and more. An arbitrary file read vulnerability exists in Siemens RUGGEDCOM ROX I, which can be exploited by an attacker to read arbitrary files for...

6.5CVSS6.8AI score0.01149EPSS
Exploits0References1
CNVD
CNVD
added 2016/12/14 12:0 a.m.5 views

McAfee VirusScan Enterprise File Read Vulnerability

McAfee VirusScan Enterprise is a suite of antivirus software from the American company McAfee. The software provides a full range of security protection, scans memory for malicious code and optimizes updates for remote systems. A file read vulnerability exists in VirusScan Enterprise for Linux VS...

4.1CVSS7.1AI score0.06901EPSS
Exploits4References1
CNVD
CNVD
added 2016/10/10 12:0 a.m.4 views

Auto-Matrix Aspect-Nexus and Aspect-Matrix Building Automation Front-End Solutions File Containment Vulnerability

Auto-Matrix Aspect-Nexus and Aspect-Matrix Building Automation Front-End Solutions are Auto-Matrix USA's building automation front-end solutions for infrastructure, which are primarily deployed stateside in commercial facilities, critical manufacturing and energy and wastewater systems I&C. A...

7.5CVSS7AI score0.01491EPSS
Exploits0References1
seebug.org
seebug.org
added 2016/10/09 12:0 a.m.18 views

Three Yuan up to the wireless AP WPB-5000 arbitrary file read vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/07/19 12:0 a.m.31 views

China innovation LotApp application delivery systems /acc/route_mgmt/edit.php parameters id an arbitrary file read vulnerability

No description provided by source...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2016/06/23 12:0 a.m.8 views

Alibaba Clone B2B Script - Arbitrary File Disclosure

Alibaba Clone B2B Script - Arbitrary File Disclosure Exploit Title: Alibaba Clone B2B Script File Read Vulnerability Date: 2016-06-22 Exploit Author: Meisam Monsef [email protected] or [email protected] Vendor Homepage: http://alibaba-clone.com/ Version: All Versions Tested on: CentOS and...

0.1AI score
Exploits0
CNVD
CNVD
added 2016/05/27 12:0 a.m.3 views

PHP File Read Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A fi...

8.6CVSS8.4AI score0.04397EPSS
Exploits1References1
CNVD
CNVD
added 2016/02/23 12:0 a.m.5 views

Ipswitch MOVEit DMZ and MOVEit Mobile File Read Vulnerabilities

Ipswitch MOVEit is an automated file transfer system from Ipswitch USA. DMZ and Mobile are among the versions. Ipswitch MOVEit DMZ and MOVEit Mobile have a security vulnerability in the 'Send as attachment' function due to the mobile/sendMsg URI failing to adequately filter the ' serverFileIds'...

6.5CVSS7.2AI score0.03111EPSS
Exploits3References1
CNVD
CNVD
added 2015/11/22 12:0 a.m.6 views

Cisco Firepower 9000 Firepower Extensible Operating System File Read Vulnerability

The Cisco Firepower Extensible Operating System on Firepower 9000 is an operating system from Cisco that runs in the 9000 series firewall appliances. A security vulnerability in Cisco Firepower Extensible Operating System 1.1 1.160 on Cisco Firepower 9000 devices allows remote attackers to read...

5CVSS6.8AI score0.01217EPSS
Exploits0References1
Cvelist
Cvelist
added 2015/10/03 10:0 a.m.20 views

CVE-2015-7314

The Precious module in gollum before 4.0.1 allows remote attackers to read arbitrary files by leveraging the lack of a certain temporary-file check...

6.6AI score0.01876EPSS
Exploits0References5
Cvelist
Cvelist
added 2015/07/14 9:0 p.m.25 views

CVE-2015-2412

Microsoft Internet Explorer 10 and 11 allows remote attackers to read arbitrary local files via a crafted pathname, aka "Internet Explorer Information Disclosure Vulnerability."...

6.1AI score0.17855EPSS
Exploits0References3
Rows per page
Query Builder