73 matches found
CVE-2022-34535
Digital Watchdog DW MEGApix IP cameras A7.2.220211029 allows unauthenticated attackers to view internal paths and scripts via web files...
Digital Watchdog DW MEGApix IP 授权问题漏洞
Digital Watchdog DW MEGApix IP is a camera from Digital Watchdog. A security vulnerability exists in Digital Watchdog DW MEGApix IP cameras version A7.2.220211029, which originates from a vulnerability that allows an unauthenticated attacker to view internal paths and scripts via a web file...
CVE-2022-26973
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. By tweaking the license file name, the returned error message exposes internal directory path details...
CVE-2022-26973
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. By tweaking the license file name, the returned error message exposes internal directory path details...
CVE-2021-35947
The public share controller in the ownCloud server before version 10.8.0 allows a remote attacker to see the internal path and the username of a public share by including invalid characters in the URL...
Engel & Völkers Technology GmbH: Improper authentication on phpmyadmin portal which is hosted in https://eventapp.engelvoelkers.com
Summary: Hi Team, following domain https://eventapp.engelvoelkers.com/ publicly exposed phpmyadmin portal and authentication mechanism is poorly configured, On response manipulation, application giving access to internal structure of phpmyadmin portal, which disclosing many internal paths and sta...
CVE-2020-5880
Om BIG-IP 15.0.0-15.0.1.3 and 14.1.0-14.1.2.3, the restjavad process may expose a way for attackers to upload arbitrary files on the BIG-IP system, bypassing the authorization system. Resulting error messages may also reveal internal paths of the server...
Authorization
Om BIG-IP 15.0.0-15.0.1.3 and 14.1.0-14.1.2.3, the restjavad process may expose a way for attackers to upload arbitrary files on the BIG-IP system, bypassing the authorization system. Resulting error messages may also reveal internal paths of the server...
CVE-2020-5880
The CVE-2020-5880 issue affects BIG-IP RESTjavad and allows remote attackers to upload arbitrary files and bypass authorization, with error messages potentially exposing internal paths. Affected releases include BIG-IP 15.0.0–15.0.1.3 and 14.1.0–14.1.2.3. Mitigations: upgrade to 15.1.0 (15.x) or ...
F5 Networks BIG-IP : BIG-IP restjavad vulnerability (K94325657)
The restjavad process may expose a way for attackers to upload arbitrary files on the BIG-IP system, bypassing the authorization system. Resulting error messages may also reveal internal paths of the server. CVE-2020-5880 Impact A remote attacker may be able to fill the disk storage and make the...
CVE-2018-4067
An exploitable information disclosure vulnerability exists in the ACEManager templateload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a information leak, resulting in the disclosure of internal paths and files. An attacker can make an...
Sierra Wireless AirLink ES450 ACEManager template_load.cgi Information Disclosure Vulnerability
Summary An exploitable information disclosure vulnerability exists in the ACEManager templateload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a information leak, resulting in the disclosure of internal paths and files. An attacker can ma...
[20090722] - Core - Missing JEXEC Check
Some files were missing the check for JEXEC. These scripts will then expose internal path information of the host...