Lucene search
K

1369 matches found

CNVD
CNVD
added 2021/10/08 12:0 a.m.114 views

Apache HTTP Server Path Traversal Vulnerability

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. Apache HTTP Server version 2.4.49 path traversal vulnerability , the vulnerability stems from the introduction of apnormalizepath...

7.5CVSS8.9AI score0.99992EPSS
Exploits148References1
CNNVD
CNNVD
added 2021/09/29 12:0 a.m.8 views

Apache HTTP Server 路径遍历漏洞

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. Apache HTTP Server version 2.4.49 path traversal vulnerability , the vulnerability stems from the introduction of apnormalizepath...

9.8CVSS8.2AI score0.99992EPSS
Exploits148References43
CNVD
CNVD
added 2021/09/22 12:0 a.m.12 views

DEDECMSV6 has a file upload vulnerability (CNVD-2021-75297)

DEDECMSV6 is based on PHP7.x development, is scalable and fully open source.DEDECMSV6 has a file upload vulnerability that can be exploited by attackers to gain control of the server...

3.1AI score
Exploits0
CNVD
CNVD
added 2021/09/22 12:0 a.m.12 views

DEDECMSV6 has a code execution vulnerability

DEDECMSV6 is based on PHP7.x development, is scalable and fully open source.DEDECMSV6 has a code execution vulnerability that can be exploited by attackers to gain control of the server...

4.7AI score
Exploits0
CNVD
CNVD
added 2021/09/22 12:0 a.m.14 views

Command Execution Vulnerability in DEDECMSV6 (CNVD-2021-75300)

DEDECMSV6 is based on PHP7.x development, scalable and fully open source.DEDECMSV6 has a command execution vulnerability, which can be exploited by attackers to gain control of the server...

4.4AI score
Exploits0
CNVD
CNVD
added 2021/09/22 12:0 a.m.8 views

Command Execution Vulnerability in DEDECMSV6 (CNVD-2021-75295)

DEDECMSV6 is based on PHP7.x development, scalable and fully open source.DEDECMSV6 has a command execution vulnerability, which can be exploited by attackers to gain control of the server...

4.4AI score
Exploits0
Huntr
Huntr
added 2021/09/14 6:59 a.m.10 views

Path Traversal in pheditor/pheditor

Description A path traversal attack also known as directory traversal aims to access files and directories that are stored outside the web root folder. By manipulating variables that reference files with “dot-dot-slash ../” sequences and its variations or by using absolute file paths, it may be...

1.1AI score
Exploits0References2
Huntr
Huntr
added 2021/09/14 5:36 a.m.13 views

Path Traversal in dmpop/mejiro

Description A path traversal attack also known as directory traversal aims to access files and directories that are stored outside the web root folder. By manipulating variables that reference files with “dot-dot-slash ../” sequences and its variations or by using absolute file paths, it may be...

1.5AI score
Exploits0References2
CNVD
CNVD
added 2021/09/13 12:0 a.m.14 views

TongWEB application server is vulnerable to arbitrary file upload

TongWEB Application Server is a standard, secure, highly available and feature-rich enterprise application server.TongWEB Application Server is vulnerable to arbitrary file upload, which can be exploited by attackers to upload WEBSHELL and gain control of the server...

2.8AI score
Exploits0
CNVD
CNVD
added 2021/09/06 12:0 a.m.3 views

Command Execution Vulnerability in NetGuard Security Management Platform of Beijing NetGuard Nebula Information Technology Co.

Beijing Nethub Information Technology Co., Ltd. was renamed from Lenovo Nethub Technology Beijing Co., Ltd. and its business covers network border security protection, application and data security protection, network-wide security risk management, professional security solutions and professional...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/08/24 12:0 a.m.5 views

PublicCMS suffers from a command execution vulnerability (CNVD-2021-70754)

PublicCMS is an open source JAVACMS system developed using the latest mainstream technology in 2021. PublicCMS suffers from a command execution vulnerability that can be exploited by an attacker to gain control of the server...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/08/22 12:0 a.m.12 views

DEDECMSV6 has command execution vulnerability

DEDECMSV6 is based on PHP7.x development, scalable and fully open source.DEDECMSV6 has a command execution vulnerability, which can be exploited by attackers to gain control of the server...

4.4AI score
Exploits0
CNVD
CNVD
added 2021/08/12 12:0 a.m.18 views

Tecknodreams SapphireIMS Default Configuration Issue Vulnerability

Tecknodreams SapphireIMS is an ITIL 2011 certified enterprise class service management system from Tecknodreams India. A default configuration issue vulnerability exists in Tecknodreams SapphireIMS version 5.0, which stems from the use of default sapphire:ims credentials to connect clients to the...

7.8CVSS7.8AI score0.00375EPSS
Exploits1References1
CNVD
CNVD
added 2021/08/11 12:0 a.m.20 views

Command Execution Vulnerability in the Enterprise-Side Internet Integrated Management Platform of Beijing Yahong Century Technology Development Co.

Ltd. is a high-tech company specializing in Internet spatial data governance, network and information security and data value-added solutions and services. A command execution vulnerability exists in the enterprise-side Internet integrated management platform of Beijing Yahong Century Science and...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/08/05 12:0 a.m.7 views

SourceCodester Phone Shop Sales Management System File Upload Vulnerability

SourceCodester Phone Shop Sales Management System is a PHP project called Phone Shop Sales Management System by SourceCodester USA. The project manages phone store sales transactions. A file upload vulnerability exists in SourceCodester Phone Shop Sales Management System, which can be exploited b...

9.8CVSS7.4AI score0.01836EPSS
Exploits1References1
CNVD
CNVD
added 2021/08/05 12:0 a.m.8 views

File Upload Vulnerability in NetSign Signature Verification Server of Dongfang Tongweb Middleware of Beijing Xin'an Century Technology Co.

Ltd. provides signature verification server NetSign to provide digital signature services based on digital certificates for various types of electronic information data, electronic documents, etc., and verify the authenticity and validity of signatures on signed data; support user certificate...

6.8AI score
Exploits0
CNVD
CNVD
added 2021/07/23 12:0 a.m.9 views

Command Execution Vulnerability in Free Fiction Software

The free novel software is a full range of free listening and reading tools developed by KDDI, focusing on online novel apps. Free Novel Software suffers from a command execution vulnerability that can be exploited by an attacker to gain server control privileges...

7.6AI score
Exploits0
CNVD
CNVD
added 2021/07/21 12:0 a.m.11 views

Command Execution Vulnerability in Skymirror Vulnerability Scan and Management System

Skymirror Vulnerability Scan and Management System is a vulnerability scanning product developed by Qisda, a network-based vulnerability analysis, assessment and management system. Sky Mirror Vulnerability Scan and Management System has a command execution vulnerability, which can be exploited by...

3.4AI score
Exploits0Affected Software1
CNNVD
CNNVD
added 2021/07/20 12:0 a.m.5 views

Mozilla VPN 安全特征问题漏洞

Mozilla VPN is an open source virtual private network Web browser extension, desktop application and mobile application from the Mozilla Foundation in the U.S. A security vulnerability exists in versions of Mozilla VPN prior to 2.3. An attacker could exploit the vulnerability to gain control of t...

10CVSS5.7AI score0.0278EPSS
Exploits1References17
CNVD
CNVD
added 2021/07/19 12:0 a.m.11 views

Command Execution Vulnerability in Ruijie NBR Routers (CNVD-2021-58700)

Ltd. is a professional network vendor with a full range of network equipment product lines and solutions, including switches, routers, software, security firewalls, wireless products, storage, etc. A command execution vulnerability exists in Ruijie NBR routers, which can be exploited by attackers...

4.1AI score
Exploits0
Rows per page
Query Builder