FinalWire AIDA64 Extreme 缓冲区错误漏洞

FinalWire AIDA64 Extreme is a diagnostic software developed by FinalWire Corporation, designed for system information detection, hardware monitoring, and performance testing. Version 5.99.4900 of FinalWire AIDA64 Extreme contains a buffer error vulnerability. This vulnerability stems from a...

CVE-2019-25315

The CVE concerns WordPress Server Log Viewer 1.0, where a persistent XSS vulnerability exists through unfiltered log file paths. Attackers can create log files containing embedded XSS payloads that execute when viewed in the WordPress admin interface. The description provides CVSSv3.1/4.0 metrics...

CVE-2019-25315 WP Server Log Viewer 1.0 - 'logfile' Persistent Cross-Site Scripting

WordPress Server Log Viewer 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through unfiltered log file paths. Attackers can add log files with embedded XSS payloads that will execute when viewed in the WordPress admin interface...

Apache Flink JobManager Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Flink JobManager Traversal', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in Apache Flink...

CVE-2024-23333

LDAP Account Manager LAM is a webfrontend for managing entries stored in an LDAP directory. LAM's log configuration allows to specify arbitrary paths for log files. Prior to version 8.7, an attacker could exploit this by creating a PHP file and cause LAM to log some PHP code to this file. When th...

DEBIAN-CVE-2024-23333

LDAP Account Manager LAM is a webfrontend for managing entries stored in an LDAP directory. LAM's log configuration allows to specify arbitrary paths for log files. Prior to version 8.7, an attacker could exploit this by creating a PHP file and cause LAM to log some PHP code to this file. When th...

CVE-2015-7934

The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station allows remote attackers to discover log-file pathnames via unspecified vectors...

Adcon Telemetry A840 Telemetry Gateway Information Disclosure Vulnerability (CNVD-2015-08414)

The Adcon Telemetry A840 Telemetry Gateway is the A840 series of gateway products from Adcon Telemetry, Germany. The Adcon Telemetry A840 Telemetry Gateway displays the full pathname of the log file in the server, allowing remote attackers to exploit this vulnerability to obtain sensitive...