Lucene search
K

197 matches found

Patchstack
Patchstack
added 2015/08/24 12:0 a.m.6 views

WordPress Multi Plugin Installer Plugin <= 1.1.0 - Local File Traversal

Because of this vulnerability, unauthenticated attackers can read arbitrary files. Solution Update the plugin...

4.2AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2015/08/24 12:0 a.m.9 views

Multi Plugin Installer <= 1.1.0 - Unauthenticated File Traversal

The multi-plugin-installer WordPress plugin was affected by an Unauthenticated File Traversal security vulnerability...

4.1AI score
Exploits0References2Affected Software1
seebug.org
seebug.org
added 2015/01/19 12:0 a.m.106 views

53kf任意文件遍历漏洞

简要描述: 听说你们很给力啊,先试试水。 详细说明: 存在漏洞的地址为: http://www.53kf.com/?controller=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00login 漏洞证明: 成功猜到了nginx的配置文件,如下: 得到了网站根路径,读个robots.txt试试看 那么是不是可以代码审计了呢...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/01/04 12:0 a.m.64 views

大汉网络JCMS任意文件下载

简要描述: 大汉网络文件遍历 详细说明: 漏洞Url: /jcms/m5e/module/voting/down.jsp?filename=a.txt&pathfile=/etc/passwd 下载文件: root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/06/02 12:0 a.m.39 views

Novell NetIQ Sentinel Agent Manager NQMcsVarSet ActiveX DumpToFile() Remote Code Execution

The remote host contains the NQMcsVarSet ActiveX control distributed with Novell NetIQ Sentinel Agent Manager. The installed control is reportedly affected by a remote code execution vulnerability with the DumpToFile method where it does not properly sanitize the path for a filename. This could...

6.8CVSS6AI score0.03267EPSS
Exploits0References3
OSV
OSV
added 2014/04/30 12:0 a.m.33 views

DSA-2915-2 dpkg - security update

Bulletin has no description...

7.1CVSS6.1AI score0.02073EPSS
Exploits0
OSV
OSV
added 2014/04/28 12:0 a.m.25 views

DSA-2915-1 dpkg - security update

Bulletin has no description...

5CVSS6AI score0.02859EPSS
Exploits0
seebug.org
seebug.org
added 2013/07/22 12:0 a.m.201 views

SDCMS某处设计缺陷导致遍历任意文件内容

简要描述: SDCMS某处设计缺陷导致遍历任意文件内容 详细说明: 1、首先看看缺陷文件: 文件/sdcms/admin/sdtheme.asp ...... 第138行: case "edit" dim filename:filename=sdcms.fget"filename",0 if notsdcms.checkstrfilename,"filename" then sdcms.echo "filename is wrong" sdcms.die end if if notsdcms.isfile"../theme/"&filename then sdcms.echo...

7AI score
Exploits0
seebug.org
seebug.org
added 2012/06/12 12:0 a.m.26 views

IBM WebSphere Sensor Events多个输入验证漏洞

BUGTRAQ ID: 53859 IBM WebSphere Sensor Events可提供创建和管理企业级传感器的中间件基础架构。 IBM WebSphere Sensor Events在实现上存在P001414 XSS、文件路径遍历、不安全HTTP方法、searchView.jsp中的deferredView.jsp XSS问题内的P001538跨站脚本执行漏洞, 攻击者可利用这些漏洞窃取Cookie身份验证凭证、执行非法操作或泄漏敏感信息。 0 IBM WebSphere Sensor Events 7.0 厂商补丁: IBM ---...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2012/04/09 12:0 a.m.125 views

Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities

Title: ====== Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities Date: ===== 2012-04-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=487 VL-ID: ===== 487 Introduction: ============= Flatnux is no database CMS for accessible websites, corporate websites, e-commer...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2012/04/01 12:0 a.m.44 views

Flatnux CMS 2011 08.09.2 CSRF / XSS / Directory Traversal

Title: ====== Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities Date: ===== 2012-04-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=487 VL-ID: ===== 487 Introduction: ============= Flatnux is no database CMS for accessible websites, corporate websites, e-commer...

0.6AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2012/03/31 12:0 a.m.28 views

Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities

Document Title: =============== Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=487 Release Date: ============= 2012-03-31 Vulnerability Laboratory ID VL-ID: ==================================== 487...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2012/03/31 12:0 a.m.18 views

Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities

Document Title: =============== Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=487 Release Date: ============= 2012-03-31 Vulnerability Laboratory ID VL-ID: ==================================== 487...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2012/03/20 12:0 a.m.23 views

Oracle Web Logic Node Manager UNC Path Remote File Execution

Oracle Web Logic Node Manager UNC Path Remote File Execution Posted by admin on 2012/03/16 Leave a comment 0 Go to comments Keep running into old Web Logic installations which have the file traversal http://www.securityfocus.com/bid/37926/info and UNC path remote command execution...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2011/07/29 12:0 a.m.14 views

Chyrp 2.x - includeslibgz.php?File Traversal Arbitrary File Access

Chyrp 2.x - includeslibgz.php?File Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/48672/info Chyrp is prone to multiple cross-site scripting vulnerabilities, a local file-include vulnerability, an arbitrary file-upload vulnerability, and a directory-traversal...

0.4AI score
Exploits0
myhack58
myhack58
added 2011/05/24 12:0 a.m.30 views

Honeywall admin interface arbitrary file read vulnerability-vulnerability warning-the black bar safety net

Publishing author: cnyouker Vulnerability type: arbitrary file traversal/download Vulnerability description: Honeywall admin interface arbitrary file read vulnerability Detailed description: admin/docs.pl for the POST of the file check is not strict. Can construct their own post package to read...

0.9AI score
Exploits0
OpenVAS
OpenVAS
added 2011/05/12 12:0 a.m.42 views

Debian Security Advisory DSA 2207-1 (tomcat5.5)

The remote host is missing an update to tomcat5.5 announced via advisory DSA 2207-1. OpenVAS Vulnerability Test $Id: deb22071.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2207-1 tomcat5.5 Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

6.4CVSS0.1AI score0.9444EPSS
Exploits16
OpenVAS
OpenVAS
added 2011/05/12 12:0 a.m.42 views

Debian: Security Advisory (DSA-2207-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS5.5AI score0.9444EPSS
Exploits16References3
OSV
OSV
added 2011/03/30 12:0 a.m.25 views

DSA-2207-1 tomcat5.5 - several

Bulletin has no description...

6.4CVSS4.8AI score0.9444EPSS
Exploits16
Debian
Debian
added 2011/03/29 10:35 p.m.57 views

[SECURITY] [DSA 2207-1] tomcat5.5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2207-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 30, 2011 http://www.debian.org/security/faq -...

6.4CVSS6.2AI score0.9444EPSS
Exploits16
Rows per page
Query Builder