
22 matches found

OSV
added 2026/01/15 4:16 p.m. | 0 views

CVE-2021-47755

Oliver Library Server v5 contains a file download vulnerability that allows unauthenticated attackers to access arbitrary system files through unsanitized input in the FileServlet endpoint. Attackers can exploit the vulnerability by manipulating the 'fileName' parameter to download sensitive file...

CVSS 7.5 | AI score 5.9 | EPSS 0.00065
Exploits: 1 | References: 2

ATTACKERKB
added 2026/01/15 3:52 p.m. | 0 views

CVE-2021-47755

Oliver Library Server v5 contains a file download vulnerability that allows unauthenticated attackers to access arbitrary system files through unsanitized input in the FileServlet endpoint. Attackers can exploit the vulnerability by manipulating the 'fileName' parameter to download sensitive file...

CVSS 8.7 | AI score 5.7 | EPSS 0.00065
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2026/01/15 3:52 p.m. | 19 views

CVE-2021-47755 Oliver Library Server v5 - Arbitrary File Download

Oliver Library Server v5 contains a file download vulnerability that allows unauthenticated attackers to access arbitrary system files through unsanitized input in the FileServlet endpoint. Attackers can exploit the vulnerability by manipulating the 'fileName' parameter to download sensitive file...

CVSS 8.7 | EPSS 0.00065
Exploits: 1 | References: 2

Vulnrichment
added 2026/01/15 3:52 p.m. | 2 views

CVE-2021-47755 Oliver Library Server v5 - Arbitrary File Download

Oliver Library Server v5 contains a file download vulnerability that allows unauthenticated attackers to access arbitrary system files through unsanitized input in the FileServlet endpoint. Attackers can exploit the vulnerability by manipulating the 'fileName' parameter to download sensitive file...

CVSS 8.7 | AI score 6.7 | EPSS 0.00065
Exploits: 1 | References: 2

EUVD
added 2026/01/15 3:52 p.m. | 1 view

EUVD-2026-2777

Oliver Library Server v5 contains a file download vulnerability that allows unauthenticated attackers to access arbitrary system files through unsanitized input in the FileServlet endpoint. Attackers can exploit the vulnerability by manipulating the 'fileName' parameter to download sensitive file...

CVSS 9.8 | AI score 6.5 | EPSS 0.00065
Exploits: 1 | References: 4

Positive Technologies
added 2026/01/15 12:00 a.m. | 2 views

PT-2026-3032

Name of the Vulnerable Software and Affected Versions: Oliver Library Server version 5. Description: An unauthenticated attacker can access arbitrary system files. This is possible due to unsanitized input in the FileServlet endpoint. The vulnerability is triggered by manipulating the fileName...

CVSS 9.8 | AI score 5.6 | EPSS 0.00065
Exploits: 1 | References: 6

VulnCheck KEV
added 2023/11/13 12:00 a.m. | 0 views

VulnCheck KEV: CVE-2020-35580

A local file inclusion vulnerability in the FileServlet in all SearchBlox before 9.2.2 allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet/FileServlet?col=url= request. Additionally, this may be used to read the contents of the...

CVSS 7.5 | AI score 7.2 | EPSS 0.83418
Exploits: 1 | References: 1

Prion
added 2022/09/01 6:15 p.m. | 13 views

Input validation

An arbitrary file download vulnerability in Oliver v5 Library Server Versions 5.00.008.053 via the FileServlet function allows for arbitrary file download by an attacker using unsanitized user supplied input...

CVSS 5 | AI score 7.5 | EPSS 0.17351
Exploits: 1 | References: 2 | Affected Software: 1

CVE
added 2022/09/01 5:47 p.m. | 39 views

CVE-2021-45027

Oliver 5 Library Server versions prior to 8.00.008.053 are vulnerable to local file inclusion via the FileServlet function, allowing an unauthenticated attacker to read arbitrary files on Windows servers (e.g., win.ini) through unsanitized input in the fileName parameter. Affected lineage from CV...

CVSS 7.5 | AI score 7.5 | EPSS 0.17351
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2022/09/01 5:47 p.m. | 16 views

CVE-2021-45027

An arbitrary file download vulnerability in Oliver v5 Library Server Versions 5.00.008.053 via the FileServlet function allows for arbitrary file download by an attacker using unsanitized user supplied input...

AI score 7.7 | EPSS 0.17351
Exploits: 1 | References: 2

CNNVD
added 2022/09/01 12:00 a.m. | 3 views

Softlink Oliver v5 Library Server Security Vulnerability

Softlink Oliver v5 Library Server is an easy-to-use library management and learning tool from Softlink. A security vulnerability exists in Softlink Oliver v5 Library Server version 5.00.008.053, which originates from a FileServlet function that allows an attacker to download arbitrary files using...

CVSS 7.5 | AI score 7.5 | EPSS 0.17351
Exploits: 1 | References: 3

Packet Storm
added 2021/12/15 12:00 a.m. | 312 views

Oliver Library Server 5 Arbitrary File Download

Exploit Title: Oliver Library Server v5 - Arbitrary File Download Date: 14/12/2021 Exploit Authors: Mandeep Singh, Ishaan Vij, Luke Blues, CTRL Group Vendor Homepage: https://www.softlinkint.com/product/oliver/ Product: Oliver Server v5 Version: /oliver/FileServlet?source=serverFile&fileName= 2...

AI score 7.4
Exploits: 0

0day.today
added 2021/12/15 12:00 a.m. | 339 views

Oliver Library Server v5 - Arbitrary File Download Vulnerability

Exploit Title: Oliver Library Server v5 - Arbitrary File Download Exploit Authors: Mandeep Singh, Ishaan Vij, Luke Blues, CTRL Group Vendor Homepage: https://www.softlinkint.com/product/oliver/ Product: Oliver Server v5 Version: /oliver/FileServlet?source=serverFile&fileName= 2 Example to downloa...

AI score 7.1
Exploits: 0

OSV
added 2021/05/20 4:15 p.m. | 0 views

CVE-2020-35580

A local file inclusion vulnerability in the FileServlet in all SearchBlox before 9.2.2 allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet/FileServlet?col=url= request. Additionally, this may be used to read the contents of the SearchBl...

CVSS 7.5 | AI score 5.8 | EPSS 0.83418
Exploits: 1 | References: 2

Prion
added 2021/05/20 4:15 p.m. | 12 views

Remote file inclusion

A local file inclusion vulnerability in the FileServlet in all SearchBlox before 9.2.2 allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet/FileServlet?col=url= request. Additionally, this may be used to read the contents of the SearchBl...

CVSS 5 | AI score 7.4 | EPSS 0.83418
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2021/05/20 3:25 p.m. | 9 views

CVE-2020-35580

A local file inclusion vulnerability in the FileServlet in all SearchBlox before 9.2.2 allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet/FileServlet?col=url= request. Additionally, this may be used to read the contents of the SearchBl...

AI score 7.4 | EPSS 0.83418
Exploits: 1 | References: 2

Zero Day Initiative
added 2018/06/06 12:00 a.m. | 13 views

GE MDS PulseNET FileServlet Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of GE MDS PulseNET. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the FileServlet...

CVSS 4 | AI score 1.8 | EPSS 0.01735
Exploits: 0 | References: 1

Check Point Advisories
added 2017/06/19 12:00 a.m. | 2 views

HPE Network Automation FileServlet Information Disclosure (CVE-2017-5811)

An information disclosure vulnerability exists in HPE Network Automation. The vulnerability is due to a lack of sanitization on a user supplied path on requests handled by FileServlet. A remote attacker could exploit this vulnerability by sending a maliciously crafted request to the target server...

CVSS 7.8 | AI score 1.2 | EPSS 0.14171
Exploits: 0

Zero Day Initiative
added 2017/05/11 12:00 a.m. | 43 views

Hewlett Packard Enterprise Network Automation TrueControl Management Engine Service FileServlet Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Hewlett Packard Enterprise Network Automation. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FileServlet servlet. The issue results from...

CVSS 7.8 | AI score 1.4 | EPSS 0.14171
Exploits: 0 | References: 1

Zero Day Initiative
added 2015/04/03 12:00 a.m. | 24 views

Cisco Data Center Network Manager FileServlet Information Disclosure Vulnerability

This vulnerability allows remote attackers to read arbitrary files, and bypass authentication, on a system with vulnerable installations of Cisco Data Center Network Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the fmserver servlet which i...

CVSS 7.8 | AI score 6.4 | EPSS 0.59984
Exploits: 0 | References: 1