890 matches found
CVE-2018-3766
Path traversal in buttle module versions <= 0.2.0 allows an attacker to read any file on the server...
PT-2018-16184 · Buttle · Buttle
Name of the Vulnerable Software and Affected Versions: buttle versions <= 0.2.0. Description: The issue concerns a path traversal vulnerability in the buttle module, allowing attackers to read any file on the server due to insufficient input sanitization. This can be exploited by using relative pat...
CVE-2018-12999
Incorrect Access Control in AgentTrayIconServlet in Zoho ManageEngine Desktop Central 10.0.255 allows attackers to delete certain files on the web server without login by sending a specially crafted request to the server with a computerName=../ substring to the /agenttrayicon URI...
JVN#58362455: MemoCGI vulnerable to directory traversal
MemoCGI provided by ChamaNet contains a directory traversal vulnerability (CWE-22). Impact: A remote attacker may view files on the server. Solution: Update the software. Update to the latest version according to the information provided by the developer. Products Affected: MemoCGI v2.1800 to v2.2200...
Design/Logic Flaw
lms version <= LMS011123 contains a Local File Disclosure vulnerability in the file reading functionality of the LMS module that can result in reading files on the server. This attack appears to be exploitable via a GET parameter. This vulnerability appears to have been fixed after commit 254765e...
phpMyAdmin File Inclusion Vulnerability
phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A security vulnerability exists in phpMyAdmin. An...
phpMyAdmin File Inclusion Vulnerability (PMASA-2018-4) - Windows
phpMyAdmin is prone to a file inclusion vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from referenced sources and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:phpmyadmin:phpmyadmin"; if...
CVE-2018-12564
An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for URLs in the submit page, a user can forge an HTTP request that will force lava-server-gunicorn to return any file on the server that is readable by lavaserver and is valid YAML...
PT-2018-16155 · Npm +2 · Public +2
Name of the Vulnerable Software and Affected Versions: public versions prior to 0.1.3 Description: The issue arises from a lack of validation of the filePath, allowing a malicious user to read the content of any file with a known path due to a Path Traversal vulnerability. This is caused by...
html-pages node module path traversal vulnerability
html-pages is a module that allows you to browse directories in your browser and serves static files. A path traversal vulnerability exists in the html-pages node module. An attacker can exploit this vulnerability to read arbitrary files from the server using cURL...
PT-2018-16166 · Node · Html-Pages
Name of the Vulnerable Software and Affected Versions: html-pages versions prior to 2.1.0 Description: The issue allows an attacker to read any file from the server, potentially using tools like cURL. This is due to a path traversal vulnerability in the html-pages node module. Recommendations:...
Open-Xchange: Blind XXE via Powerpoint files
Summary: During the parsing of Powerpoint files it seems that it is possible to include an XXE payload which will be executed on the Open-XChange server. I was able to identify which files exist on the server, and cause the server to make arbitrary requests to my own server, and I am pretty sure it is al...
Arbitrary File Read Vulnerability in PowerEasy SmartGov
PowerEasy SmartGov, the PowerEasy government website management system, is a complete government portal application solution provided by PowerEasy, built around the actual application requirements of government users. An arbitrary file read vulnerability exists in PowerEasy SmartGov. An attacker c...
Arbitrary File Download Vulnerability in CLTPHP Version 5.5.3
CLTPHP is a content management system built on ThinkPHP5 with the Layui framework in the backend. CLTPHP version 5.5.3 has an arbitrary file download vulnerability: an attacker can craft request parameters to download arbitrary files from the server, such as script code,...
CVE-2018-7654
On 3CX 15.5.6354.2 devices, the parameter "file" in the request "/api/RecordingList/download?file=" allows full access to files on the server via path traversal...
Arbitrary file download vulnerability in phpwechat version 1.1.6
phpWechat is a free and open source WeChat public platform management system. An arbitrary file download vulnerability exists in the data backup function of phpwechat version 1.1.6, which can be exploited by an attacker to download arbitrary files from the server, such as script code, service and syste...
Arbitrary File Download Vulnerability in Xingyunhai CMS v3.5
Xing Yunhai CMS (XYHCMS) is a fully open source content management system that is simple and easy to use. XYHCMS V3.5 has an arbitrary file download vulnerability: an attacker can craft request parameters to download any file from the server, such as script code, servi...
Kaseya VSA R9.2 Arbitrary File Read
Arbitrary file read in Kaseya VSA. Kin Hung Cheng, Robert Hartshorn, May 2017...
WordPress Service Finder Booking Local File Disclosure
Exploit Title: WordPress Plugin Service Finder Booking 3.2 - Local File Disclosure. Google Dork: N/A. Date: 09/01/2018 GMT+7. Exploit Author: telahdihapus. Vendor Homepage: https://themeforest.net/user/aonetheme. Software Link:...
CVE-2017-9965
An exposure of sensitive information vulnerability exists in Schneider Electric's Pelco VideoXpert Enterprise versions 2.0 and prior. Using a directory traversal attack, an unauthorized person can view web server files...