197 matches found
PT-2021-23153 · Nextcloud +1 · Nextcloud +1
Name of the Vulnerable Software and Affected Versions: Nextcloud versions prior to 20.0.13 Nextcloud versions prior to 21.0.5 Nextcloud versions prior to 22.2.0 Description: A file traversal vulnerability in Nextcloud allows an attacker to download arbitrary SVG images from the host system,...
Command Execution Vulnerability in Apache HTTP Server 2.4.49
Apache HTTP Server is the United States Apache Apache Software Foundation, an open source web server. The server is fast, reliable and can be expanded through a simple API. A command execution vulnerability exists in Apache HTTP Server 2.4.49 due to a flaw in the changes made to path normalizatio...
Security Bulletin: IBM Transparent Cloud Tiering is affected by a vulnerability in Apache Commons IO ( CVE-2021-29425)
Summary apache commons IO is used by IBM Spectrum Scale Transparent Cloud Tiering. IBM Spectrum Scale Transparent Cloud Tiering has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-29425 DESCRIPTION: Apache Commons IO could allow a remote attacker to traverse directories on the...
CVE-2020-9368
The CVE-2020-9368 issue affects PrestaShop’s Olea Gift On Order module up to version 5.0.8. The vulnerability is a directory traversal in getfile.php that allows an unauthenticated attacker to read arbitrary server files by requesting getfile.php?file=../../… The root cause is a path-traversal fl...
IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.1 File Traversal (CVE-2019-4268)
The IBM WebSphere Application Server running on the remote host is version 7.0.0.x prior to 7.0.0.45, 8.0.0.x prior to 8.0.0.15, 8.5.0.x prior to 8.5.5.17 or 9.0.x prior to 9.0.5.1. It is, therefore, affected by a directory traversal vulnerability. A remote, unauthenticated attacker can exploit...
Arbitrary File Read Vulnerability in ZZCMS
ZZCMS is a content management system for Webmaster Merchants. ZZCMS has an arbitrary file reading vulnerability, which can be exploited by an attacker to traverse website files to obtain sensitive information...
Security Bulletin: Content Collector for Email is affected by a File traversal vulnerability in WebSphere Application Server Admin Console
Summary There is a file traversal vulnerability in the Admin Console of WebSphere Application Server. Vulnerability Details CVEID: CVE-2019-4268 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. An attacker...
Security Bulletin: File traversal vulnerability in WebSphere Application Server Admin Console which is shipped with Jazz for Service Management (CVE-2019-4268)
Summary There is a file traversal vulnerability in the Admin Console of WebSphere Application Server. Vulnerability Details CVEID: CVE-2019-4268 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. An attacker...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is shipped with, or a required product for, IBM Tivoli Network Manager IP Edition (CVE-2019-4268).
Summary IBM WebSphere Application Server is shipped with IBM Tivoli Network Manager IP Edition versions 3.9 and 4.1.1; IBM WebSphere Application Server is a required product for IBM Tivoli Network Manager IP Edition version 4.2. Information about a security vulnerability affecting IBM WebSphere...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is shipped with, or a required product for, IBM Tivoli Netcool Configuration Manager (CVE-2019-4268).
Summary IBM WebSphere Application Server is shipped with IBM Tivoli Netcool Configuration Manager version 6.4.1; IBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager version 6.4.2. Information about a security vulnerability affecting IBM WebSphere...
Security Bulletin: A Security Vulnerability Has Been Identified In WebSphere Application Server Admin Console shipped with IBM Tivoli Access Manager for e-business (CVE-2019-4268)
Summary WebSphere Application Server Admin Console is shipped with IBM Tivoli Access Manager for e-business. Information about a security vulnerability affecting WebSphere Application Server Admin Console has been published in a security bulletin. Vulnerability Details Refer to the security...
POC-T
This is a Python-based penetration testing framework called POC-T. It is designed to facilitate concurrent testing of multiple targets and supports various features such as multi-threading, URL parsing, and user agent management. The framework includes a range of scripts for testing different...
Security Bulletin: Multiple Security Vulnerabilities Affect IBM WebSphere Application Server in IBM Cloud
Summary There are multiple security vulnerabilities that affect the IBM WebSphere Application Server in the IBM Cloud. There is a file traversal vulnerability in the Admin Console of WebSphere Application Server. There is a path traversal vulnerability in the Admin Console of WebSphere Applicatio...
Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2019-4268)
Summary WebSphere Application Server is shipped with IBM Tivoli System Automation Application Manager. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...
POC-T
This is a Python-based penetration testing framework called POC-T. It is designed to facilitate concurrent testing and provides a variety of features for vulnerability scanning and exploitation. The framework includes a range of built-in scripts for testing various vulnerabilities, including SQL...
Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise (CVE-2019-4268)
Summary WebSphere Application Server is shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details CVEID: CVE-2019-4268 DESCRIPTION: I...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Security Key Lifecycle Manager (SKLM) (CVE-2019-4268)
Summary IBM WebSphere Application Server is shipped as a component of IBM Security Key Lifecycle Manager SKLM. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulleti...
Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Rational ClearQuest
Summary IBM WebSphere Application Server WAS is used by the IBM Rational ClearQuest server and web components. Information about security vulnerabilities affecting WAS have been published in multiple security bulletins. Vulnerability Details Refer to the security bulletins listed in the...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Rational ClearCase
Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Rational ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Case Manager (CVE-2019-4268)
Summary IBM WebSphere Application Server is shipped as a component of IBM Case Manager. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Security Bulletin: Fi...