3348 matches found
CVE-2020-8482
The ABB Device Library Wizard vulnerability, CVE-2020-8482, affects Device Library Wizard versions 6.0.X, 6.0.3.1 and 6.0.3.2. It is an insecure storage issue where an unauthenticated, low-privilege user can read files containing confidential data. Impact is high on confidentiality and potential ...
CVE-2020-2012
CVE-2020-2012 affects Palo Alto Networks PAN-OS Panorama management service and is caused by improper restriction of XML external entity references (XXE). Remote unauthenticated attackers with network access to the Panorama management interface can read arbitrary files on the system. Affected ver...
Tuan ah.com Tuan ah VIP movie system front end has an arbitrary file read vulnerability
Group ah VIP movie system is a lightweight, intelligent video CMS. The Group ah Group ah VIP movie system front end has an arbitrary file read vulnerability, which attackers can use to obtain sensitive information on the site...
GitLab path traversal vulnerability (CNVD-2020-29843)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab Enterprise...
CVE-2020-12116
Zoho ManageEngine OpManager Stable build before 124196 and Released build before 125125 allows an unauthenticated attacker to read arbitrary files on the server by sending a crafted request...
CVE-2020-12116
Zoho ManageEngine OpManager is affected by CVE-2020-12116. OpManager Stable build prior to 124196 and Released build prior to 125125 allows an unauthenticated attacker to read arbitrary files on the server by sending a specially crafted request, via a directory traversal vulnerability in the appl...
OurPHP website builder system suffers from an arbitrary file read vulnerability.
OurPHP Aopia website building system is an enterprise + e-commerce marketing website building system. OurPHP website builder system has an arbitrary file read vulnerability, which can be exploited by attackers to read arbitrary system files...
CVE-2020-1631 Out of Cycle Security Advisory: Junos OS: Security vulnerability in J-Web and web based (HTTP/HTTPS) services
A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN DVPN, Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning ZTP allows an unauthenticated attacker to perform local file inclusion LFI or path traversal. Using this vulnerability...
Juniper Networks Junos OS Service Has Security Vulnerability
Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS in J-Web and Web HTTP/HTTPS based services. An attacker could...
CVE-2017-18704
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.60, D8500 before 1.0.3.29, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 befo...
CVE-2017-18712
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D7800 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.20, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR4300v2 before 1.0.0.48, and WNDR4500v3 before 1.0.0....
Code injection
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D7800 before 1.0.1.28, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R7500v2 before 1.0.3.20, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR4300v2 before 1.0.0.48, and WNDR4500v3 before 1.0.0.4...
CVE-2017-18712
CVE-2017-18712 affects several NETGEAR devices (D7800 1.0.1.28 and earlier, R6100 1.0.1.20 and earlier, R7500 1.0.0.118 and earlier, R7500v2 1.0.3.20 and earlier, R7800 1.0.2.40 and earlier, R9000 1.0.2.52 and earlier, WNDR4300v2 1.0.0.48 and earlier, WNDR4500v3 1.0.0.48 and earlier) with an atta...
CVE-2017-18752
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST...
Code injection
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST...
CVE-2017-18752
CVE-2017-18752 affects certain NETGEAR routers/extenders (EX3700, EX3800, EX6120, EX6130, R6300v2, R6700, R6900, R7000, R7300DST, R7900, R8000, R8500) with firmware versions prior to the listed fixes. The vulnerability allows an attacker to read arbitrary files, as documented in the NVD entry an...
CVE-2017-18769
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX6200v2 before 1.0.1.50,...
CVE-2017-18797
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects R6400 before 1.0.1.24, R7900 before 1.0.1.18, R8000 before 1.0.3.54, and R8500 before 1.0.2.100...