Exploit for Path Traversal in Jellyfin
CVE-2021-21402: Jellyfin Arbitrary File Reading Vulnerability...
Arbitrary file reading vulnerability in the accounting training platform of Xiamen NetZhong.com Software Co.
Ltd. is a high-tech enterprise specializing in the development, service and sales of teaching software products for teaching accounting. The accounting training teaching platform of Xiamen NetZhongNET Software Co., Ltd. has an arbitrary file reading vulnerability; attackers can use the vulnerabilit...
WCMS Directory Traversal Vulnerability (CNVD-2021-28257)
WCMS is a content management system CMS that uses an open web interface to build websites. A directory traversal vulnerability exists in WCMS version 0.3.2. The vulnerability can be exploited to read arbitrary files on the server running the application via the pagename parameter of wex/html.php...
WCMS Directory Traversal Vulnerability
WCMS is a content management system CMS that uses an open web interface to build websites. A directory traversal vulnerability exists in WCMS version 0.3.2. The vulnerability can be exploited to read arbitrary files on the server running the application via the path parameter of wex/cssjs.php...
CVE-2021-22201
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9. A specially crafted import file could read files on the server...
Design/Logic Flaw
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9. A specially crafted import file could read files on the server...
CVE-2021-22203
CVE-2021-22203 affects GitLab CE/EE; a specially crafted Wiki page could read arbitrary files on the server. Affected versions: 13.7.9–13.8.6, 13.9.x before 13.9.5, and 13.10.x before 13.10.1. Remediation: upgrade to patched releases (e.g., 13.8.7, 13.9.5, 13.10.1 or newer). Root cause: Wiki hand...
GitLab Security Vulnerability
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to view the contents of a project's files, commit history, bug lists, and more. A security vulnerability exists in GitLab CE/EE...
Ningbo Yinzhou Tianyi Science and Technology Co.
Ningbo Yinzhou Tianyi Technology Co., Ltd. is a high-tech enterprise. The station building system of Ningbo Yinzhou Tianyi Science and Technology Co., Ltd. has an arbitrary file reading vulnerability; attackers can use the vulnerability to obtain sensitive information...
Nanchang Yunduan Network Technology Co., Ltd. website building system has arbitrary file reading vulnerability
Nanchang Cloud Network Technology Co., Ltd. is a dual-soft enterprise and high-tech enterprise focusing on the field of online education. The Nanchang Yunduan Network Technology Co., Ltd. website building system has an arbitrary file reading vulnerability, which can be exploited by an attacker to...
OurPHP backend has an arbitrary file read vulnerability
OurPHP is an enterprise e-commerce marketing website building system. OurPHP backend has an arbitrary file reading vulnerability, which can be exploited by an attacker to read any system file...
Webware Webdesktop Code Issue Vulnerability
Webware Webdesktop is document management software from the company Webware in the Republic of Estonia. A code issue vulnerability exists in Webware Webdesktop version 5.1.15. The vulnerability stems from the system allowing an attacker to read all files on the server. ...
Aurora Path Traversal Vulnerability
Afterlogic Aurora is an enterprise mail server platform written in PHP by the U.S. company Afterlogic Inc. The platform includes features such as e-mail, file storage and address book management. A path traversal vulnerability exists in AfterLogic Aurora through 7.7.9 and WebMail Pro...
Harbin Weicheng Technology Co., Ltd. ourphp has an arbitrary file reading vulnerability
OURPHP is a brand, a building system developed with PHP + MySQL based on W3C standards. Harbin Weicheng Technology Co. ourphp has an arbitrary file reading vulnerability; attackers can use the vulnerability to obtain sensitive information...
Omni-channel customer service system of Foshan Beame Information Technology Co., Ltd. suffers from arbitrary file reading vulnerability
Foshan Beamy Information Technology Co., Ltd. is an Internet software company. There is an arbitrary file reading vulnerability in the omni-channel customer service system of Foshan Bemis Information Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information...
Arbitrary File Read Vulnerability in Video Encoding Equipment Access Network of Hangzhou Hikvision System Technology Co.
Hangzhou Hikvision System Technology Co., Ltd. is a provider of security products and industry solutions. There is an arbitrary file reading vulnerability in the video coding equipment access network of Hangzhou Hikvision System Technology Co., Ltd. that can be exploited by an attacker to read al...
Arbitrary File Read Vulnerability in Ruijie EG Easy Gateway WEB Management System
Ruijie EasyGate is a multi-service integrated gateway product launched by Ruijie Networks to solve the current network egress problems. The WEB management system of Ruijie EG EasyGate has an arbitrary file reading vulnerability, which can be exploited by an attacker to log in a user with low...
RainbowFish PacsOne Server Code Issue Vulnerability
RainbowFish PacsOne Server is an image archiving and communication system server from RainbowFish, which is used to save incoming images. A file reading vulnerability exists in Rainbowfish PacsOne Server that could be exploited by an attacker to cau...
CVE-2020-15097
loklak is an open-source server application which is able to collect messages from various sources, including Twitter. The server contains a search index and a peer-to-peer index sharing interface. All messages are stored in an Elasticsearch index. In loklak less than or equal to commit 5f48476, ...
CloudBees Jenkins TOCTOU Race Condition Vulnerability
Jenkins is an open source continuous integration tool written in Java, mainly used for continuous, automated building and testing of software projects and for monitoring the operation of external tasks. A TOCTOU race condition vulnerability exists in Jenkins 2.275, LTS 2.263.2. An attacker can exploit this...