Lucene search
K

128 matches found

Prion
Prion
added 2024/03/08 2:15 a.m.14 views

Directory traversal

RAD SecFlow-2 devices with Hardware 0202, Firmware 4.1.01.63, and U-Boot 2010.12 allow URIs beginning with /.. for Directory Traversal, as demonstrated by reading /etc/shadow...

7.6AI score0.00827EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/11/29 12:0 a.m.4 views

Dreamer CMS Security Vulnerability

Dreamer CMS is a Dreamer Content Management System by Junnan Wang, an individual developer in China. A security vulnerability exists in Dreamer CMS versions prior to 4.0.1, which stems from a directory traversal vulnerability. An attacker can exploit this vulnerability to modify template files or...

9.1CVSS6.7AI score0.00992EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/11/23 12:0 a.m.3 views

Artica Pandora FMS Security Vulnerability

Artica Pandora FMS is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. A security vulnerability exists in Artica Pandora FMS versions 700 to 773, which arises from improper system privilege...

8.5CVSS6.6AI score0.00522EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/11/16 12:0 a.m.6 views

PT-2023-32476 · H2O · H2O

Name of the Vulnerable Software and Affected Versions: H2O affected versions not specified Description: The issue is related to a stored XSS vulnerability that can lead to a Local File Include attack. This allows an attacker to potentially execute malicious scripts or access sensitive files on th...

9.3CVSS8.8AI score0.00749EPSS
Exploits1References3
OSV
OSV
added 2023/09/04 12:15 p.m.4 views

CVE-2023-4019

The Media from FTP WordPress plugin before 11.17 does not properly limit who can use the plugin, which may allow users with author+ privileges to move files around, like wp-config.php, which may lead to RCE in some cases...

8.8CVSS7.3AI score0.00654EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/05/16 6:54 p.m.13 views

CVE-2023-30507 Authenticated Remote Path Traversal in Aruba EdgeConnect Enterprise Command Line Interface

Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files...

4.9CVSS5.8AI score0.00648EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/23 12:0 a.m.45 views

CVE-2022-3146

A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file. This issue leads to information...

5.3AI score0.002EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/08 12:0 a.m.17 views

PT-2022-27175 · Unknown · Html2Xhtml

Name of the Vulnerable Software and Affected Versions: html2xhtml version 1.3 Description: The issue is related to an Out-Of-Bounds read in the elm close function at procesador.c. This allows attackers to access sensitive files or cause a Denial of Service DoS via a crafted html file...

8.1CVSS7.6AI score0.01061EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2022/11/08 12:0 a.m.8 views

CVE-2022-44311

html2xhtml v1.3 was discovered to contain an Out-Of-Bounds read in the function static void elmclosetreenodet nodo at procesador.c. This vulnerability allows attackers to access sensitive files or cause a Denial of Service DoS via a crafted html file...

7.9AI score0.01061EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/10/24 12:0 a.m.7 views

PT-2022-24888 · Unknown · Gin-Vue-Admin

Name of the Vulnerable Software and Affected Versions: Gin-vue-admin versions prior to 2.5.4 Description: The issue concerns an arbitrary file read due to insufficient validation of the fileMd5 and fileName parameters in the file upload functionality. This allows unauthorized access to files. The...

9.8CVSS9.2AI score0.01059EPSS
Exploits1References4
OSV
OSV
added 2022/05/14 3:25 a.m.9 views

GHSA-9Q87-22GR-R8QF WildFly has incomplete blacklist vulnerability

Incomplete blacklist vulnerability in the servlet filter restriction mechanism in WildFly formerly JBoss Application Server before 10.0.0.Final on Windows allows remote attackers to read the sensitive files in the 1 WEB-INF or 2 META-INF directory via a request that contains a lowercase or b...

7.5CVSS7.3AI score0.15572EPSS
Exploits3References7
Github Security Blog
Github Security Blog
added 2022/05/14 3:25 a.m.11 views

WildFly has incomplete blacklist vulnerability

Incomplete blacklist vulnerability in the servlet filter restriction mechanism in WildFly formerly JBoss Application Server before 10.0.0.Final on Windows allows remote attackers to read the sensitive files in the 1 WEB-INF or 2 META-INF directory via a request that contains a lowercase or b...

7.5CVSS6.6AI score0.15572EPSS
Exploits3References7Affected Software2
NVD
NVD
added 2022/04/14 6:15 p.m.20 views

CVE-2022-22391

IBM Aspera High-Speed Transfer 4.3.1 and earlier could allow an authenticated user to obtain information from non sensitive operating system files that they should not have access to. IBM X-Force ID: 222059...

4.3CVSS0.00676EPSS
Exploits0References2
ICS
ICS
added 2021/11/04 12:0 a.m.118 views

VISAM VBASE Editor

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: VISAM Equipment: VBASE Vulnerabilities: Improper Access Control, Cross-site Scripting, Improper Restriction of XML External Entity Reference, Using Components with Known Vulnerabilities 2. RISK...

7.5CVSS7.8AI score0.00668EPSS
Exploits0References5
Talos
Talos
added 2021/07/15 12:0 a.m.75 views

D-LINK DIR-3040 Zebra IP routing manager information disclosure vulnerability

Summary An information disclosure vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability. Test...

7.5CVSS7.5AI score0.02013EPSS
Exploits2
Prion
Prion
added 2021/07/09 2:15 p.m.28 views

Design/Logic Flaw

The API /vsaWS/KaseyaWS.asmx can be used to submit XML to the system. When this XML is processed external entities are insecurely processed and fetched by the system and returned to the attacker. Detailed description Given the following request: POST /vsaWS/KaseyaWS.asmx HTTP/1.1 Content-Type:...

5CVSS7.4AI score0.25256EPSS
Exploits1References4Affected Software1
CNVD
CNVD
added 2021/02/10 12:0 a.m.6 views

Advantech iView path traversal vulnerability (CNVD-2021-13241)

Advantech iView is a device management application for the energy, water and wastewater industries. A path traversal vulnerability exists in versions prior to Advantech iView 5.7.03.6112. An attacker can exploit this vulnerability to read sensitive files...

7.5CVSS6.4AI score0.03124EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/01/05 12:0 a.m.8 views

Apache Flink 路径遍历漏洞

Apache Flink is an efficient and distributed general purpose data processing platform. Apache Flink products have an arbitrary file write vulnerability that can be exploited by an attacker to read sensitive files on the server and with the help of hard-coded credentials exploit the vulnerability ...

7.5CVSS7.3AI score0.50038EPSS
Exploits1References30
Snyk
Snyk
added 2020/06/20 12:38 p.m.5 views

Directory Traversal

Overview rollup-plugin-serve-favicon is a rollup plugin to serve bundles. Affected versions of this package are vulnerable to Directory Traversal. There is no path sanitization in readFile operation. PoC by JHU System Security Lab Step 1: start a server var server = require"rollup-plugin-serve";...

9.8CVSS7.5AI score0.01474EPSS
Exploits0References2
Node.js
Node.js
added 2020/03/20 2:15 p.m.27 views

Path Traversal

Overview Versions of sapper prior to 0.27.11 are vulnerable to Path Traversal. It is possible to access sensitive files on the server through HTTP requests containing URL-encoded ../. You may test a sapper application running in prod mode with curl -vvv...

6.7AI score
Exploits0Affected Software1
Rows per page
Query Builder