Lucene search
K

353 matches found

Vulnrichment
Vulnrichment
added 2023/04/25 12:0 a.m.5 views

CVE-2023-23838 Directory traversal and file enumeration vulnerability: Database Performance Analyzer (DPA) 2023.1

Directory traversal and file enumeration vulnerability which allowed users to enumerate to different folders of the server...

6.5CVSS6.5AI score0.01272EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/04/25 12:0 a.m.12 views

PT-2023-19245 · Solarwinds · Database Performance Analyzer

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: A directory traversal and file enumeration issue allows users to enumerate different folders of the server. Recommendations: At the moment, there is no information about a newer version...

6.5CVSS6.4AI score0.01272EPSS
Exploits0References3
CVE
CVE
added 2023/04/25 12:0 a.m.47 views

CVE-2023-23838

CVE-2023-23838 affects SolarWinds Database Performance Analyzer (DPA) up to version 2022.3 and earlier, described as a directory traversal and file enumeration vulnerability that could allow access to different folders on the server. Various sources corroborate the vulnerability in DPA (2023.1/ea...

6.5CVSS6.5AI score0.01272EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/04/25 12:0 a.m.27 views

CVE-2023-23838 Directory traversal and file enumeration vulnerability: Database Performance Analyzer (DPA) 2023.1

Directory traversal and file enumeration vulnerability which allowed users to enumerate to different folders of the server...

6.5CVSS6.7AI score0.01272EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.10 views

Debian: Security Advisory (DLA-695-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.1AI score0.20515EPSS
Exploits16References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.3 views

SUSE CVE-2018-15750

Directory Traversal vulnerability in salt-api in SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allows remote attackers to determine which files exist on the server...

8.7CVSS9.6AI score0.0424EPSS
Exploits0References29
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/01/05 5:0 p.m.25 views

Unraveling the techniques of Mac ransomware

Ransomware continues to be one of the most prevalent and impactful threats affecting organizations, with attackers constantly evolving their techniques and expanding their tradecraft to cast a wider net of potential targets. This is evident in the range of industries, systems, and platforms...

Exploits0
Microsoft Secure
Microsoft Secure
added 2023/01/05 5:0 p.m.34 views

Unraveling the techniques of Mac ransomware

Ransomware continues to be one of the most prevalent and impactful threats affecting organizations, with attackers constantly evolving their techniques and expanding their tradecraft to cast a wider net of potential targets. This is evident in the range of industries, systems, and platforms...

Exploits0
Vulnrichment
Vulnrichment
added 2022/09/07 9:0 p.m.4 views

CVE-2022-36081 Wikmd vulnerable to Local File Enumeration when accessing /list

Wikmd is a file based wiki that uses markdown. Prior to version 1.7.1, Wikmd is vulnerable to path traversal when accessing /list/ and discloses lists of files located on the server including sensitive data. Version 1.7.1 fixes this issue...

7.5CVSS7.5AI score0.00821EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/09/07 9:0 p.m.29 views

CVE-2022-36081 Wikmd vulnerable to Local File Enumeration when accessing /list

Wikmd is a file based wiki that uses markdown. Prior to version 1.7.1, Wikmd is vulnerable to path traversal when accessing /list/ and discloses lists of files located on the server including sensitive data. Version 1.7.1 fixes this issue...

7.5CVSS7.7AI score0.00821EPSS
Exploits0References2
Kitploit
Kitploit
added 2022/06/22 12:30 p.m.192 views

GooFuzz - Tool To Perform Fuzzing With An OSINT Approach, Managing To Enumerate Directories, Files, Subdomains Or Parameters Without Leaving Evidence On The Target's Server With Google Dorking

Credits Author: M3n0sD0n4ld Twitter: @DavidUton Description: GooFuzz is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories without making requests to the web server. Download and install: $ git clone...

6.8AI score
Exploits0References2
Prion
Prion
added 2022/06/08 4:15 p.m.15 views

Design/Logic Flaw

As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core MDCore before 5.1.2 could allow an authenticated user to enumerate filenames on the server...

4CVSS4.6AI score0.00708EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/06/08 10:15 a.m.4 views

CVE-2022-0779

The User Meta WordPress plugin before 2.4.4 does not validate the filepath parameter of its umshowuploadedfile AJAX action, which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads...

6.5CVSS5.5AI score0.02233EPSS
Exploits5References2
OSV
OSV
added 2022/06/08 10:15 a.m.3 views

CVE-2022-0779

The User Meta WordPress plugin before 2.4.4 does not validate the filepath parameter of its umshowuploadedfile AJAX action, which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads...

6.5CVSS6.9AI score0.02233EPSS
Exploits5References1
Cvelist
Cvelist
added 2022/06/06 8:50 a.m.22 views

CVE-2022-0779 User Meta < 2.4.4 - Subscriber+ Local File Enumeration via Path Traversal

The User Meta WordPress plugin before 2.4.4 does not validate the filepath parameter of its umshowuploadedfile AJAX action, which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads...

6.6AI score0.02233EPSS
Exploits5References1
CNNVD
CNNVD
added 2022/05/30 12:0 a.m.13 views

WordPress plugin User Meta Manager 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The WordPress plugin is an application plugin. A path traversal vulnerability exists in versions of the WordPress User Meta Manager plugin prior to...

6.5CVSS5.7AI score0.02233EPSS
Exploits5References5
WPVulnDB
WPVulnDB
added 2022/05/16 12:0 a.m.17 views

User Meta < 2.4.4 - Subscriber+ Local File Enumeration via Path Traversal

The plugin does not validate the filepath parameter of its umshowuploadedfile AJAX action, which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads PoC As a subscriber, submit a dummy image on a page/post with a File Uplo...

6.5CVSS2AI score0.02233EPSS
Exploits5Affected Software1
wpexploit
wpexploit
added 2022/05/16 12:0 a.m.132 views

User Meta < 2.4.4 - Subscriber+ Local File Enumeration via Path Traversal

The plugin does not validate the filepath parameter of its umshowuploadedfile AJAX action, which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads As a subscriber, submit a dummy image on a page/post with a File Upload...

6.5CVSS6.4AI score0.02233EPSS
Exploits5
Patchstack
Patchstack
added 2022/05/16 12:0 a.m.31 views

WordPress User Meta plugin <= 2.4.3 - Local File Enumeration via Path Traversal vulnerability

Local File Enumeration via Path Traversal vulnerability discovered by Julien Ahrens in WordPress User Meta plugin versions = 2.4.3. Solution Update the WordPress User Meta plugin to the latest available version at least 2.4.4...

6.5CVSS3.8AI score0.02233EPSS
Exploits5References3Affected Software1
OSV
OSV
added 2022/04/15 7:15 p.m.1 views

CVE-2022-24485

Win32 File Enumeration Remote Code Execution Vulnerability...

7.5CVSS7.4AI score0.01558EPSS
Exploits0References1
Rows per page
Query Builder