Lucene search
K

36 matches found

OSV
OSV
added 2021/08/03 5:15 p.m.3 views

CVE-2021-32017

An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the listing of the content of the remote file system. This can be used to identify the complete server filesystem structure, i.e., identifying all the directories and files...

7.7CVSS5.8AI score0.00899EPSS
Exploits0References2
NVD
NVD
added 2021/08/03 5:15 p.m.24 views

CVE-2021-32017

An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the listing of the content of the remote file system. This can be used to identify the complete server filesystem structure, i.e., identifying all the directories and files...

9.9CVSS0.00899EPSS
Exploits0References2
Prion
Prion
added 2021/08/03 5:15 p.m.16 views

Design/Logic Flaw

An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the listing of the content of the remote file system. This can be used to identify the complete server filesystem structure, i.e., identifying all the directories and files...

4CVSS7.5AI score0.00899EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/08/03 4:1 p.m.26 views

CVE-2021-32017

An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the listing of the content of the remote file system. This can be used to identify the complete server filesystem structure, i.e., identifying all the directories and files...

9.9CVSS9.6AI score0.00899EPSS
Exploits0References2
Veracode
Veracode
added 2020/08/17 6:15 a.m.22 views

Information Disclosure

Apache solr-core is vulnerable to Information Disclosure. Lack of validation of CoreAdminAPI's parameters consequently lead to search index data exposure and replace index data entirely by loading it from a remote file system...

8.8CVSS8.5AI score0.03805EPSS
Exploits0References14Affected Software1
WPVulnDB
WPVulnDB
added 2016/08/24 12:0 a.m.11 views

CYSTEME Finder <= 1.3 - Unauthenticated LFI and Unauthenticated File Upload

CYSTEME does not properly check SESSION Cookies allowing a remote attacker to upload, view, or delete files from any location on the remote file system. PoC - Retrieve all data in the root wordpress directory. This will return JSON. Exploit:...

7.5CVSS9.4AI score0.02433EPSS
Exploits2References1Affected Software1
OpenVAS
OpenVAS
added 2016/06/27 12:0 a.m.23 views

Idera Up.time Agent Information Disclosure Vulnerability

Idera Up.time Agent is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS7.3AI score0.02976EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/09/28 12:0 a.m.37 views

SUSE SLED12 / SLES12 Security Update : coreutils (SUSE-SU-2015:1637-1)

This update for coreutils provides the following fixes : - Fix memory handling error with case insensitive sort using UTF-8. CVE-2015-4041, CVE-2015-4042 - Ensure 'df -a' shows all remote file system entries. - Only suppress remote mounts of separate exports with 'df --total'. - Document that 'df...

9.8CVSS7.4AI score0.02323EPSS
Exploits2References12
Metasploit
Metasploit
added 2013/05/06 5:51 a.m.37 views

SAP SOAP EPS_DELETE_FILE File Deletion

This module abuses the SAP NetWeaver EPSDELETEFILE function, on the SAP SOAP RFC Service, to delete arbitrary files on the remote file system. The module can also be used to capture SMB hashes by using a fake SMB share as DIRNAME. This module requires Metasploit: https://metasploit.com/download...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2013/05/02 3:15 p.m.17 views

SAP SOAP RFC PFL_CHECK_OS_FILE_EXISTENCE File Existence Check

This module abuses the SAP NetWeaver PFLCHECKOSFILEEXISTENCE function, on the SAP SOAP RFC Service, to check for files existence on the remote file system. The module can also be used to capture SMB hashes by using a fake SMB share as FILEPATH. This module requires Metasploit:...

7AI score
Exploits0
msvr
msvr
added 2013/01/15 12:0 a.m.586 views

Vulnerability in Lenovo ThinkPad Bluetooth with Enhanced Data Rate Software Could Allow Arbitrary Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Lenovo ThinkPad Bluetooth with Enhanced Data Rate Software version 6.4.0.2900 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated...

9.3CVSS1.6AI score0.06367EPSS
Exploits0Affected Software1
Exploit DB
Exploit DB
added 2006/10/24 12:0 a.m.34 views

Cisco VPN 3000 Concentrator 4.1.7/4.7.2 - &#039;FTP&#039; Remote File System Access

/ Cisco VPN Concentrator 3000 FTP remote exploit ============================================== A vulnerability exists in the Cisco VPN Concentrator 3000, an unauthenticated user may access the file system through manipulation of FTP service commands. An unauthenticated user can use the following...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2006/01/21 12:0 a.m.29 views

adv20060116.txt

========================================================== Title: Directory traversal in phpXplorer Application: phpXplorer Vendor: http://www.phpxplorer.org Vulnerable Versions: 0.9.33 Bug: directory traversal Date: 16-January-2006 Author: Oriol Torrent Santiago References:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/01/17 12:0 a.m.38 views

Directory traversal in phpXplorer

========================================================== Title: Directory traversal in phpXplorer Application: phpXplorer Vendor: http://www.phpxplorer.org Vulnerable Versions: 0.9.33 Bug: directory traversal Date: 16-January-2006 Author: Oriol Torrent Santiago oriol.torrent.AT.gmail.com...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2005/12/16 12:0 a.m.29 views

phpXplorer XSS vuln.

phpXplorer XSS vuln. Vuln. discovered by : r0t Date: 16 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/phpxplorer-xss-vuln.html vendor:http://www.phpxplorer.org/ affected version:0.9.12 and prior Product Description: phpXplorer is a free open source file management system / explor...

6.3AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/07/22 12:0 a.m.47 views

Linux Kernel: Multiple DoS and permission vulnerabilities

Background The Linux kernel is responsible for managing the core aspects of a GNU/Linux system, providing an interface for core system applications as well as providing the essential structure and capability to access hardware that is needed for a running system. Description The Linux kernel allo...

7.2CVSS6.8AI score0.00801EPSS
Exploits6
Rows per page
Query Builder