Lucene search
K

187 matches found

CNVD
CNVD
added 2017/06/14 12:0 a.m.5 views

Schneider Electric U.motion Builder Error Message Path Vulnerability

U.motion Builder is a builder product from Schneider Electric France. An error message path vulnerability exists in Schneider Electric U.motion Builder. An exception message containing sensitive path information is returned to an attacker. This allows an attacker to exploit the vulnerability to...

7.6AI score
Exploits0References1
CNVD
CNVD
added 2017/04/27 12:0 a.m.5 views

Joomla! information disclosure vulnerability (CNVD-2017-06885)

Joomla is an open source, cross-platform content management system CMS developed using PHP and MySQL. An information disclosure vulnerability exists in Joomla! that can be exploited by remote attackers to submit a special request for sensitive path information...

5.3CVSS6.4AI score0.01129EPSS
Exploits0References1
OSV
OSV
added 2017/03/03 3:59 p.m.4 views

UBUNTU-CVE-2016-10202

Cross-site scripting XSS vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the path info to index.php...

6.1CVSS6.9AI score0.00814EPSS
Exploits1References5
Hacker One
Hacker One
added 2017/02/02 4:49 p.m.264 views

Pornhub: Debug.log file Exposed to Public \Full Path Disclosure\

The researcher discovered a debug log file exposing path information...

0.5AI score
Exploits0
Veracode
Veracode
added 2017/01/23 5:52 a.m.9 views

Directory Traversal Through Malformed URI

httpcore5 and httpclient are vulnerable to directory traversal attacks. The vulnerability is possible because the string input by user is not validated for the presence of leading character / and is passed to the constructor as path information...

6.7AI score
Exploits0
CNVD
CNVD
added 2016/12/06 12:0 a.m.3 views

Wordpress Twentyfourteen Theme Path Information Disclosure Vulnerability

WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports setting up personal blog sites on servers with PHP and MySQL.Twentyfourteen is a default theme for WordPress. A path information disclosure vulnerability exists in the Wordpress...

6.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2016/05/20 12:0 a.m.5 views

PT-2016-5685 · Foreman · Foreman

Name of the Vulnerable Software and Affected Versions: Foreman versions prior to 1.10.4 Foreman versions 1.11.x prior to 1.11.2 Description: The issue allows remote attackers to execute arbitrary code via the PXE template type portion of the PATH INFO to "tftp/". This is due to an eval injection...

8.8CVSS7.5AI score0.02839EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2016/03/13 6:0 p.m.29 views

CVE-2016-1955

Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy CSP violation report that contains path information associated with an IFRAME element...

4.3CVSS8AI score0.02035EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2016/03/08 12:0 a.m.19 views

CVE-2016-1955

Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy CSP violation report that contains path information associated with an IFRAME element...

4.3CVSS6.8AI score0.02035EPSS
Exploits0References3
OSV
OSV
added 2016/03/08 12:0 a.m.2 views

UBUNTU-CVE-2016-1955

Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy CSP violation report that contains path information associated with an IFRAME element...

4.3CVSS7AI score0.02035EPSS
Exploits0References4
CNVD
CNVD
added 2015/08/19 12:0 a.m.3 views

phpLiteAdmin Cross-Site Scripting Vulnerability

phpLiteAdmin is a software developer Dane Iracleous developed a set of PHP implementation and Web-based open-source SQLite database management tool . A cross-site scripting vulnerability exists in phpLiteAdmin version 1.1, which stems from a failure of the phpliteadmin.php script to adequately...

4.3CVSS6.2AI score0.03525EPSS
Exploits2References1
OSV
OSV
added 2015/08/17 3:59 p.m.10 views

UBUNTU-CVE-2014-9743

Cross-site scripting XSS vulnerability in the httpdHtmlError function in network/httpd.c in the web interface in VideoLAN VLC Media Player before 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the path info...

4.3CVSS6.2AI score0.01906EPSS
Exploits1References4
OSV
OSV
added 2015/08/17 3:59 p.m.5 views

DEBIAN-CVE-2014-9743

Cross-site scripting XSS vulnerability in the httpdHtmlError function in network/httpd.c in the web interface in VideoLAN VLC Media Player before 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the path info...

4.3CVSS5.4AI score0.01906EPSS
Exploits1References1
NVD
NVD
added 2015/08/12 2:59 p.m.17 views

CVE-2015-3187

The svnrepostracenodelocations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path...

4CVSS7.6AI score0.06464EPSS
Exploits0References11
OSV
OSV
added 2015/08/12 2:59 p.m.12 views

CVE-2015-3187

The svnrepostracenodelocations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path...

4CVSS7AI score0.06464EPSS
Exploits0References11
Prion
Prion
added 2015/08/12 2:59 p.m.23 views

Path traversal

The svnrepostracenodelocations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path...

4CVSS6.1AI score0.06464EPSS
Exploits0References11Affected Software2
Cvelist
Cvelist
added 2015/08/12 2:0 p.m.26 views

CVE-2015-3187

The svnrepostracenodelocations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path...

7.5AI score0.06464EPSS
Exploits0References11
CVE
CVE
added 2015/08/12 2:0 p.m.115 views

CVE-2015-3187

CVE-2015-3187 affects Apache Subversion: the svn_repos_trace_node_locations function in Subversion before 1.7.21 and in 1.8.x before 1.8.14 can disclose sensitive path information. When path-based authorization is used, remote authenticated users could read the history of a node that has been mov...

4CVSS7.3AI score0.06464EPSS
Exploits0References11Affected Software1
Debian CVE
Debian CVE
added 2015/08/12 2:0 p.m.36 views

CVE-2015-3187

The svnrepostracenodelocations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path...

4CVSS7.4AI score0.06464EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2015/08/05 8:0 p.m.23 views

CVE-2015-3187

The svnrepostracenodelocations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path...

4CVSS6.8AI score0.06464EPSS
Exploits0References3
Rows per page
Query Builder