3349 matches found
PT-2022-19043 · Unknown · Novel-Plus
Name of the Vulnerable Software and Affected Versions: novel-plus version 3.6.0 Description: The issue is related to an Arbitrary file reading vulnerability. Recommendations: For novel-plus version 3.6.0, at the moment, there is no information about a newer version that contains a fix for this...
GHSA-M52M-2QPX-9J4J Zope Object Database (ZODB) Arbitrary files reading and deletion
Unspecified vulnerability in the Zope Enterprise Objects ZEO storage-server functionality in Zope Object Database ZODB 3.8 before 3.8.3 and 3.9.x before 3.9.0c2, when certain ZEO database sharing and blob support are enabled, allows remote authenticated users to read or delete arbitrary files via...
TYPO3 leaks a hash secret in an error message
The jumpUrl mechanism in class.tslibfe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret juHash in an error message, which allows remote attackers to read arbitrary files by including the hash in a request...
GHSA-C22J-84C7-CM77 TYPO3 leaks a hash secret in an error message
The jumpUrl mechanism in class.tslibfe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret juHash in an error message, which allows remote attackers to read arbitrary files by including the hash in a request...
Alkacon OpenCMS Absolute Path Traversal via pathname in filePath.0 parameter
Absolute path traversal vulnerability in system/workplace/admin/workplace/logfileview/logfileViewSettings.jsp in Alkacon OpenCms 7.0.3 and 7.0.4 allows remote authenticated administrators to read arbitrary files via a full pathname in the filePath.0 parameter...
WordPress plugin Web To Print Shop : uDraw arbitrary file reading vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. An arbitrary file reading vulnerability exists in versions of WordPress plugin Web To Print Shop: uDraw prior...
WordPress plugin Admin Word Count Column arbitrary file reading vulnerability
WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plug-in. PHP is a scripting language that executes on the server side. An arbitrary file reading vulnerability exists in WordPress plugin Admin Word Count Column 2.2 and earlier versions, which...
CVE-2022-1390
CVE-2022-1390 affects the WordPress plugin Admin Word Count Column (versions
UCMS arbitrary file reading vulnerability
UCMS is a simple and efficient PHP open source CMS builder system. UCMS v1.6 contains an arbitrary file reading vulnerability, which can be exploited by attackers to directly obtain the contents of website files, and can therefore obtain many confidential documents...
UCMS path traversal vulnerability
UCMS is a simple and efficient PHP open source CMS builder system. UCMS v1.6 contains an arbitrary file reading vulnerability, which can be exploited by attackers to directly obtain the contents of website files, and can therefore obtain many confidential documents...
Arbitrary File Read Vulnerability in e-office of Shanghai Panavision Network Technology Co. Ltd (CNVD-2022-43244)
e-office is a standard collaborative mobile office platform. e-office has an arbitrary file read vulnerability that can be exploited by attackers to obtain sensitive information...
Arbitrary File Read Vulnerability in e-office of Shanghai Panavision Network Technology Co.
e-office is a standard collaborative mobile office platform. e-office has an arbitrary file read vulnerability that can be exploited by attackers to obtain sensitive information...
The vulnerability of the wavlike_ima_decode_block() function in the libsndfile library for reading and writing audio files allows an attacker to execute arbitrary code on the target system.
The vulnerability of the wavlike_ima_decode_block function in the libsndfile library for reading and writing audio files is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code on the target system...
PT-2022-2849 · Cisco · Cisco Iox +1
Name of the Vulnerable Software and Affected Versions: Cisco IOx affected versions not specified Description: Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operati...
InHand Networks InRouter 900 Industrial 4G Router path traversal vulnerability
The InHand Networks InRouter 900 is a series of industrial routers from InHand Networks, Inc. A security vulnerability exists in the InHand Networks InRouter 900 Industrial 4G Router, which can be exploited by attackers to read arbitrary files via the function sub177E0...
HPE OneView File Reading Vulnerability
A file read vulnerability exists in versions prior to HPE OneView 6.6, which stems from a network system or product that does not properly restrict access to resources from unauthorized roles. An attacker could exploit this vulnerability to cause local unauthorized file read access...
SOURCEFORGE Adminer security vulnerability
SOURCEFORGE Adminer is an application from the American SOURCEFORGE community. It provides database management in a single PHP file. A security vulnerability exists in Adminer version 4.6.2 and prior versions that stems from the presence of improper access control. An attacker can exploit the...
Caucho Resin path traversal vulnerability
Caucho Resin is a web server and Java application server from Caucho Corporation. A security vulnerability exists in Caucho Resin versions 4.0.52 through 4.0.56, which stems from a directory traversal vulnerability due to a lack of restrictions on directory special separators in the application...
Jenkins Tests Selector Plugin information disclosure vulnerability
Jenkins and Jenkins Plugin are both open source products from Jenkins. Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is an application. Jenkins Tests Selector Plugin 1.3.3 a...
Jenkins Extended Choice Parameter Plugin arbitrary file read vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is an application. Jenkins Extended Choice Parameter Plugin...