Lucene search
+L

73 matches found

ATTACKERKB
ATTACKERKB
added 2022/07/19 8:15 p.m.2 views

CVE-2022-34535

Digital Watchdog DW MEGApix IP cameras A7.2.220211029 allows unauthenticated attackers to view internal paths and scripts via web files...

7.5CVSS5.8AI score0.0073EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/07/19 12:0 a.m.4 views

Digital Watchdog DW MEGApix IP 授权问题漏洞

Digital Watchdog DW MEGApix IP is a camera from Digital Watchdog. A security vulnerability exists in Digital Watchdog DW MEGApix IP cameras version A7.2.220211029, which originates from a vulnerability that allows an unauthenticated attacker to view internal paths and scripts via a web file...

7.5CVSS7.3AI score0.0073EPSS
Exploits0References2
OSV
OSV
added 2022/06/02 2:15 p.m.6 views

CVE-2022-26973

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. By tweaking the license file name, the returned error message exposes internal directory path details...

5.3CVSS5.8AI score0.00717EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/06/02 2:15 p.m.3 views

CVE-2022-26973

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. By tweaking the license file name, the returned error message exposes internal directory path details...

5.3CVSS5.8AI score0.00717EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2021/09/07 7:15 p.m.43 views

CVE-2021-35947

The public share controller in the ownCloud server before version 10.8.0 allows a remote attacker to see the internal path and the username of a public share by including invalid characters in the URL...

5.3CVSS6.2AI score0.01267EPSS
Exploits0References3
Hacker One
Hacker One
added 2020/07/05 11:39 a.m.24 views

Engel & Völkers Technology GmbH: Improper authentication on phpmyadmin portal which is hosted in https://eventapp.engelvoelkers.com

Summary: Hi Team, following domain https://eventapp.engelvoelkers.com/ publicly exposed phpmyadmin portal and authentication mechanism is poorly configured, On response manipulation, application giving access to internal structure of phpmyadmin portal, which disclosing many internal paths and sta...

0.1AI score
Exploits0
NVD
NVD
added 2020/04/30 9:15 p.m.30 views

CVE-2020-5880

Om BIG-IP 15.0.0-15.0.1.3 and 14.1.0-14.1.2.3, the restjavad process may expose a way for attackers to upload arbitrary files on the BIG-IP system, bypassing the authorization system. Resulting error messages may also reveal internal paths of the server...

7.1CVSS7AI score0.01261EPSS
Exploits0References1
Prion
Prion
added 2020/04/30 9:15 p.m.24 views

Authorization

Om BIG-IP 15.0.0-15.0.1.3 and 14.1.0-14.1.2.3, the restjavad process may expose a way for attackers to upload arbitrary files on the BIG-IP system, bypassing the authorization system. Resulting error messages may also reveal internal paths of the server...

5.5CVSS7AI score0.01261EPSS
Exploits0References1Affected Software11
CVE
CVE
added 2020/04/30 8:54 p.m.65 views

CVE-2020-5880

The CVE-2020-5880 issue affects BIG-IP RESTjavad and allows remote attackers to upload arbitrary files and bypass authorization, with error messages potentially exposing internal paths. Affected releases include BIG-IP 15.0.0–15.0.1.3 and 14.1.0–14.1.2.3. Mitigations: upgrade to 15.1.0 (15.x) or ...

7.1CVSS6.9AI score0.01261EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/04/30 12:0 a.m.31 views

F5 Networks BIG-IP : BIG-IP restjavad vulnerability (K94325657)

The restjavad process may expose a way for attackers to upload arbitrary files on the BIG-IP system, bypassing the authorization system. Resulting error messages may also reveal internal paths of the server. CVE-2020-5880 Impact A remote attacker may be able to fill the disk storage and make the...

7.1CVSS7.1AI score0.01261EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/05/06 6:50 p.m.30 views

CVE-2018-4067

An exploitable information disclosure vulnerability exists in the ACEManager templateload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a information leak, resulting in the disclosure of internal paths and files. An attacker can make an...

6.1AI score0.04132EPSS
Exploits3References4
Talos
Talos
added 2019/04/25 12:0 a.m.97 views

Sierra Wireless AirLink ES450 ACEManager template_load.cgi Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the ACEManager templateload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a information leak, resulting in the disclosure of internal paths and files. An attacker can ma...

6.5CVSS7AI score0.04132EPSS
Exploits3
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2009/07/21 12:0 a.m.53 views

[20090722] - Core - Missing JEXEC Check

Some files were missing the check for JEXEC. These scripts will then expose internal path information of the host...

6.8AI score
Exploits0Affected Software1
Rows per page
Query Builder