XXE Vulnerability in the Purview.asmx File of the MicroXia Online Learning Platform
MicroXia Online Learning Platform is an online education system built on a B/S (browser/server) architecture. An XXE vulnerability exists in the platform's Purview.asmx file; an attacker can exploit it to remotely read arbitrary files on the server...
Informatica: [doc.rt.informaticacloud.com] Arbitrary File Reading via Double URL Encode
Hi. An attacker can read arbitrary files on the system via the following query: http://doc.rt.informaticacloud.com/infocenter/ActiveVOS/v92/topic/com.activee.bpep.doc/images/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd You can see the response here: F188500 root:x:0:0:root:/root:/bin/bash...
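The report above shows the classic double-URL-encoding bypass: `%252f` decodes to `%2f`, which contains no literal `../` for a traversal filter to catch, and a later component decodes it once more into `/`. The following is an added example (not code from Informatica or the reporter) that models that two-stage pipeline and places a hardened resolver beside it. The base directory, the request path and the assumption that the server decoded the path twice are constructed for illustration; the report does not say which component performed the second decode.

```python
import os
from urllib.parse import unquote

# Constructed request path with the same shape as the reported query
# (three traversal segments instead of eight, target file kept as /etc/passwd).
DOUBLE_ENCODED = "images/..%252f..%252f..%252fetc/passwd"
SINGLE_ENCODED = "images/..%2f..%2f..%2fetc/passwd"
BASE_DIR = "/srv/docs"  # assumed document root, not from the report


def is_traversal(path: str) -> bool:
    """Naive filter found in many front-ends: reject only a literal '../'."""
    return "../" in path or "..\\" in path


def vulnerable_resolve(base_dir: str, request_path: str) -> str:
    """Model of the vulnerable pipeline (assumed, see lead-in).

    Stage 1 (filter): decode once, then run the traversal check. For the
    double-encoded input '%252f' becomes '%2f', so '..%2f' passes.
    Stage 2 (file layer): decode again ('%2f' -> '/') and join onto the
    document root without re-checking. Returns the lexical path it would open.
    """
    once = unquote(request_path)
    if is_traversal(once):
        raise PermissionError("blocked by filter")
    twice = unquote(once)
    return os.path.normpath(os.path.join(base_dir, twice))


def safe_resolve(base_dir: str, request_path: str) -> str:
    """Hardened resolver: decode until stable (bounded), refuse anything still
    containing '%', then enforce containment on the canonical absolute path
    rather than pattern-matching the request string."""
    decoded = request_path
    for _ in range(3):  # cap: three decode rounds is more than any sane client needs
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    if "%" in decoded:
        raise PermissionError("refusing over-encoded or malformed path")
    root = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(root, decoded))
    # commonpath is the containment check; string prefix checks would let
    # '/srv/docs-private' slip past a root of '/srv/docs'.
    if os.path.commonpath([root, target]) != root:
        raise PermissionError("path escapes document root")
    return target


def accepted_by_safe_resolver(base_dir: str, request_path: str) -> bool:
    """True when the hardened resolver serves the request, False when it rejects it."""
    try:
        safe_resolve(base_dir, request_path)
        return True
    except PermissionError:
        return False


if __name__ == "__main__":
    print("single-encoded blocked by naive filter:",
          is_traversal(unquote(SINGLE_ENCODED)))
    print("double-encoded resolves to:", vulnerable_resolve(BASE_DIR, DOUBLE_ENCODED))
    print("hardened resolver accepts it:", accepted_by_safe_resolver(BASE_DIR, DOUBLE_ENCODED))
    print("hardened resolver accepts images/logo.png:",
          accepted_by_safe_resolver(BASE_DIR, "images/logo.png"))
```

The hardened version deliberately rejects any path that still contains `%` after decoding, which also refuses legitimate filenames containing a literal percent sign; if you need those, canonicalise and containment-check as above but drop the `%` rule. The containment check on the canonical path is the part that actually matters: it holds regardless of how many encoding layers the client stacks.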
WordPress WP e-Commerce Shop Styling Plugin Directory Traversal Vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Foundation; it runs on servers with PHP and MySQL and lets users set up a personal blog site. WP e-Commerce Shop Styling is a plugin used to improve the styling of WP e-Commerce store templates. A...
CVE-2015-5383
Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to obtain sensitive information by reading files in the (1) config, (2) temp, or (3) logs directory...
CVE-2015-5382
program/steps/addressbook/photo.inc in Roundcube Webmail before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via the alt parameter when uploading a vCard...
CVE-2016-7977
Ghostscript before 9.21 allows a bypass of the SAFER mode protection mechanism via the .libfile operator in a crafted PostScript file, and consequently allows reading arbitrary files. This CVE (CVE-2016-7977) affects Ghostscript versions before 9.21; remediation is to upgrade to Ghostscript 9.21 or newer, where it is fixed. Related entries note simil...
CVE-2017-9149
Metadata Anonymisation Toolkit MAT 0.6 and 0.6.1 silently fails to perform "Clean metadata" actions upon invocation from the Nautilus contextual menu, which allows context-dependent attackers to obtain sensitive information by reading a file for which cleaning had been attempted...
CVE-2017-5214
The Codextrous B2J Contact aka b2jcontact extension before 2.1.13 for Joomla! allows prediction of a uniqid value based on knowledge of a time value. This makes it easier to read arbitrary uploaded files...
Arbitrary File Read Vulnerability in the Basename Function of the SDCMS errorcontroller.php Page
SDCMS is a content management system developed by Suzhou Fireworks Network Technology Co. The basename function on the SDCMS errorcontroller.php page has an arbitrary file read vulnerability; an attacker can use it to read arbitrary files and obtain sensitive information...
Zyxel P-660HW-61 Firmware < 3.40(PE.11)C0 Router - Local File Inclusion
Exploit Title: Zyxel P-660HW-61 3.40PE.11C0 - Local File Inclusion Date: 2-05-2017 Exploit Author: ReverseBrain Contact: https://www.twitter.com/ReverseBrain Vendor Homepage: https://www.zyxel.com Software Link: ftp://ftp.zyxel.com/P-660HW-61/firmware/P-660HW-613.40PE.11C0.zip Version: 3.40PE.11C...
Directory traversal
Directory traversal vulnerability in CubeCart versions prior to 6.1.4 allows remote authenticated attackers to read arbitrary files via unspecified vectors...
CVE-2017-7646
SolarWinds Log & Event Manager (LEM) prior to 6.3.1 Hotfix 4 allows an authenticated user to browse the server filesystem and read arbitrary files. Remediation: upgrade to 6.3.1 Hotfix 4 or newer.
CVE-2015-8276
LVRTC eParakstitajs 3.0 1.3.0 and edoc-libraries-2.5.4_01 allow attackers to read arbitrary files via crafted EDOC files...
CVE-2014-2960
This CVE concerns Vision Critical before 2014-05-30, where an information-disclosure vulnerability allowed reading arbitrary files via unspecified vectors, demonstrated with image and configuration files. Affected product: Vision Critical cloud-based intelligent user management platform (pre-2014...
CVE-2015-8276
LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 contain an information disclosure vulnerability that allows an attacker to read arbitrary files via specially crafted EDOC files. The issue is described across connected sources (CNVD-2017-16012, NVD CVE-2015-8276). The root cause is inf...
CVE-2017-0360
fileopen in Tryton 3.x and 4.x through 4.2.2 allows remote authenticated users with certain permissions to read arbitrary files via a "same root name but with a suffix" attack. NOTE: This vulnerability exists because of an incomplete fix for CVE-2016-1242...
A vulnerability in McAfee VirusScan Enterprise antivirus software allows an attacker to read files.
The vulnerability in McAfee VirusScan Enterprise antivirus software exists due to insufficient validation of input data. Exploiting it allows a malicious actor to remotely read files from the web server...
CVE-2016-9605
A flaw was found in the cobbler software component, version 2.6.11-1. It suffers from an invalid parameter validation vulnerability leading to arbitrary file reading. The flaw is triggered by navigating to a vulnerable URL via cobbler-web on a default installation...