Lucene search
3349 matches found

Positive Technologies
added 2022/05/05 12:0 a.m. · 7 views

PT-2022-19043 · Unknown · Novel-Plus

Name of the Vulnerable Software and Affected Versions: novel-plus version 3.6.0
Description: The issue is related to an arbitrary file reading vulnerability.
Recommendations: For novel-plus version 3.6.0, at the moment, there is no information about a newer version that contains a fix for this...

CVSS 7.5 · AI score 7.3 · EPSS 0.01042
Exploits 1 · References 4

OSV
added 2022/05/02 3:37 a.m. · 19 views

GHSA-M52M-2QPX-9J4J Zope Object Database (ZODB) Arbitrary files reading and deletion

Unspecified vulnerability in the Zope Enterprise Objects ZEO storage-server functionality in Zope Object Database ZODB 3.8 before 3.8.3 and 3.9.x before 3.9.0c2, when certain ZEO database sharing and blob support are enabled, allows remote authenticated users to read or delete arbitrary files via...

CVSS 9.8 · AI score 6.1 · EPSS 0.00971
Exploits 0 · References 6

Github Security Blog
added 2022/05/02 3:18 a.m. · 11 views

TYPO3 leaks a hash secret in an error message

The jumpUrl mechanism in class.tslibfe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret juHash in an error message, which allows remote attackers to read arbitrary files by including the hash in a request...

CVSS 5 · AI score 7.2 · EPSS 0.42227
Exploits 3 · References 6 · Affected Software 1

OSV
added 2022/05/02 3:18 a.m. · 5 views

GHSA-C22J-84C7-CM77 TYPO3 leaks a hash secret in an error message

The jumpUrl mechanism in class.tslibfe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret juHash in an error message, which allows remote attackers to read arbitrary files by including the hash in a request...

CVSS 6.9 · AI score 6.4 · EPSS 0.42227
Exploits 3 · References 6

Github Security Blog
added 2022/05/01 11:38 p.m. · 7 views

Alkacon OpenCMS Absolute Path Traversal via pathname in filePath.0 parameter

Absolute path traversal vulnerability in system/workplace/admin/workplace/logfileview/logfileViewSettings.jsp in Alkacon OpenCms 7.0.3 and 7.0.4 allows remote authenticated administrators to read arbitrary files via a full pathname in the filePath.0 parameter...

CVSS 4 · AI score 6.2 · EPSS 0.02255
Exploits 1 · References 5 · Affected Software 1

CNVD
added 2022/04/27 12:0 a.m. · 19 views

WordPress plugin Web To Print Shop : uDraw arbitrary file reading vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. An arbitrary file reading vulnerability exists in versions of the WordPress plugin Web To Print Shop: uDraw prior...

CVSS 7.5 · AI score 2.5 · EPSS 0.07736
Exploits 2 · References 1

CNVD
added 2022/04/27 12:0 a.m. · 25 views

WordPress plugin Admin Word Count Column arbitrary file reading vulnerability

WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plug-in. PHP is a scripting language that executes on the server side. An arbitrary file reading vulnerability exists in the WordPress plugin Admin Word Count Column 2.2 and earlier versions, which...

CVSS 9.8 · AI score 2.3 · EPSS 0.22133
Exploits 2 · References 1

CVE
added 2022/04/25 3:51 p.m. · 104 views

CVE-2022-1390

CVE-2022-1390 affects the WordPress plugin Admin Word Count Column (versions

CVSS 9.8 · AI score 9.6 · EPSS 0.22133
In wild · Exploits 2 · References 2 · Affected Software 1

CNVD
added 2022/04/22 12:0 a.m. · 24 views

UCMS arbitrary file reading vulnerability

UCMS is a simple and efficient PHP open source CMS builder system. UCMS v1.6 contains an arbitrary file reading vulnerability, which can be exploited by attackers to directly obtain the contents of website files, and can therefore obtain many confidential documents...

CVSS 7.5 · AI score 4 · EPSS 0.01462
Exploits 1 · References 1

CNNVD
added 2022/04/21 12:0 a.m. · 4 views

UCMS path traversal vulnerability

UCMS is a simple and efficient PHP open source CMS builder system. UCMS v1.6 contains an arbitrary file reading vulnerability, which can be exploited by attackers to directly obtain the contents of website files, and can therefore obtain many confidential documents...

CVSS 7.5 · AI score 5.8 · EPSS 0.01462
Exploits 1 · References 3

CNVD
added 2022/04/18 12:0 a.m. · 16 views

Arbitrary File Read Vulnerability in e-office of Shanghai Panavision Network Technology Co. Ltd (CNVD-2022-43244)

e-office is a standard collaborative mobile office platform. e-office has an arbitrary file read vulnerability that can be exploited by attackers to obtain sensitive information...

AI score 6.9
Exploits 0

CNVD
added 2022/04/18 12:0 a.m. · 66 views

Arbitrary File Read Vulnerability in e-office of Shanghai Panavision Network Technology Co.

e-office is a standard collaborative mobile office platform. e-office has an arbitrary file read vulnerability that can be exploited by attackers to obtain sensitive information...

AI score 6.9
Exploits 0

BDU FSTEC
added 2022/04/14 12:0 a.m. · 5 views

The vulnerability of the wavlike_ima_decode_block() function in the libsndfile library for reading and writing audio files allows an attacker to execute arbitrary code on the target system.

The vulnerability of the wavlike_ima_decode_block function in the libsndfile library for reading and writing audio files is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code on the target system...

CVSS 10 · AI score 6.5
Exploits 0 · References 5 · Affected Software 3

Positive Technologies
added 2022/04/13 12:0 a.m. · 4 views

PT-2022-2849 · Cisco · Cisco Iox +1

Name of the Vulnerable Software and Affected Versions: Cisco IOx, affected versions not specified
Description: Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operati...

CVSS 6.8 · AI score 5.5 · EPSS 0.01197
Exploits 0 · References 8

CNVD
added 2022/04/12 12:0 a.m. · 19 views

InHand Networks InRouter 900 Industrial 4G Router path traversal vulnerability

The InHand Networks InRouter 900 is a series of industrial routers from InHand Networks, Inc. A security vulnerability exists in the InHand Networks InRouter 900 Industrial 4G Router, which can be exploited by attackers to read arbitrary files via the function sub177E0...

CVSS 7.5 · AI score 4.9 · EPSS 0.01485
Exploits 1 · References 1

CNVD
added 2022/04/07 12:0 a.m. · 22 views

HPE OneView File Reading Vulnerability

A file read vulnerability exists in versions prior to HPE OneView 6.6, which stems from a network system or product that does not properly restrict access to resources from unauthorized roles. An attacker could exploit this vulnerability to cause local unauthorized file read access...

CVSS 5.5 · AI score 3.6 · EPSS 0.00277
Exploits 0 · References 1

CNNVD
added 2022/04/05 12:0 a.m. · 3 views

SOURCEFORGE Adminer security vulnerability

SOURCEFORGE Adminer is an application from the American SOURCEFORGE community. It provides database management in a single PHP file. A security vulnerability exists in Adminer version 4.6.2 and prior versions that stems from the presence of improper access control. An attacker can exploit the...

CVSS 7.5 · AI score 7.5 · EPSS 0.13641
Exploits 4 · References 11

CNNVD
added 2022/04/04 12:0 a.m. · 2 views

Caucho Resin path traversal vulnerability

Caucho Resin is a web server and Java application server from Caucho Corporation. A security vulnerability exists in Caucho Resin versions 4.0.52 through 4.0.56, which stems from a directory traversal vulnerability due to a lack of restrictions on directory special separators in the application...

CVSS 7.5 · AI score 7.4 · EPSS 0.14115
Exploits 1 · References 3

CNNVD
added 2022/03/29 12:0 a.m. · 5 views

Jenkins Tests Selector Plugin information disclosure vulnerability

Jenkins and Jenkins Plugin are both open source products from Jenkins. Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is an application. Jenkins Tests Selector Plugin 1.3.3 a...

CVSS 6.5 · AI score 5.9 · EPSS 0.01051
Exploits 0 · References 5

CNVD
added 2022/03/22 12:0 a.m. · 29 views

Jenkins Extended Choice Parameter Plugin arbitrary file read vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is an application. Jenkins Extended Choice Parameter Plugin...

CVSS 6.5 · AI score 2.4 · EPSS 0.01519
Exploits 0 · References 1