180 matches found

Prion
added 2018/06/26 4:29 p.m. | 17 views

Directory traversal

The Sympa Community Sympa version prior to version 6.2.32 contains a Directory Traversal vulnerability in wwsympa.fcgi template editing function that can result in Possibility to create or modify files on the server filesystem. This attack appear to be exploitable via HTTP GET/POST request. This...

CVSS 7.5 | AI score 9.4 | EPSS 0.02576
Exploits: 0 | References: 4 | Affected Software: 2

Debian CVE
added 2018/06/26 4:0 p.m. | 36 views

CVE-2018-1000550

The Sympa Community Sympa version prior to version 6.2.32 contains a Directory Traversal vulnerability in wwsympa.fcgi template editing function that can result in Possibility to create or modify files on the server filesystem. This attack appear to be exploitable via HTTP GET/POST request. This...

CVSS 9.8 | AI score 9.5 | EPSS 0.02576
Exploits: 0

NVD
added 2018/06/07 2:29 a.m. | 15 views

CVE-2017-16213

mfrserver is a simple file server. mfrserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

CVSS 7.5 | AI score 7.5 | EPSS 0.02005
Exploits: 1 | References: 2

NVD
added 2018/06/07 2:29 a.m. | 14 views

CVE-2017-16215

sgqserve is a simple file server. sgqserve is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

CVSS 7.5 | AI score 7.5 | EPSS 0.02005
Exploits: 1 | References: 2

NVD
added 2018/06/07 2:29 a.m. | 25 views

CVE-2017-16196

quickserver is a simple static file server. quickserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

CVSS 7.5 | AI score 7.5 | EPSS 0.02005
Exploits: 1 | References: 2

NVD
added 2018/06/07 2:29 a.m. | 15 views

CVE-2017-16183

iter-server is a static file server. iter-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

CVSS 7.5 | AI score 7.5 | EPSS 0.02005
Exploits: 1 | References: 2

NVD
added 2018/06/07 2:29 a.m. | 19 views

CVE-2017-16123

welcomyzt is a simple file server. welcomyzt is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

CVSS 7.5 | AI score 7.5 | EPSS 0.02005
Exploits: 1 | References: 2

Prion
added 2018/06/07 2:29 a.m. | 13 views

Directory traversal

jnjjserver is a static file server. jnjjserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

CVSS 5 | AI score 7.4 | EPSS 0.02005
Exploits: 1 | References: 2

Cvelist
added 2018/06/07 2:0 a.m. | 26 views

CVE-2017-16182

serverxxx is a static file server. serverxxx is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

AI score 7.4 | EPSS 0.02005
Exploits: 1 | References: 2

Cvelist
added 2018/06/07 2:0 a.m. | 24 views

CVE-2017-16197

qinserve is a static file server. qinserve is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

AI score 7.4 | EPSS 0.03191
Exploits: 1 | References: 2

Github Security Blog
added 2017/10/24 6:33 p.m. | 31 views

Root Path Disclosure in send

Versions of send prior to 0.11.2 are affected by an information leakage vulnerability which may allow an attacker to enumerate paths on the server filesystem. Recommendation Update to version 0.11.1 or later...

CVSS 5.3 | AI score 5.4 | EPSS 0.04697
Exploits: 0 | References: 7 | Affected Software: 1

Packet Storm
added 2017/10/14 12:0 a.m. | 68 views

Opentext Documentum Content Server File Hijack / Privilege Escalation

!/usr/bin/env python Opentext Documentum Content Server formerly known as EMC Documentum Content Server does not properly validate input of PUTFILE RPC-command which allows any authenticated user to hijack arbitrary file from Content Server filesystem, because some files on Content Server...

AI score 1 | EPSS 0.07782
Exploits: 4

securityvulns
added 2015/03/23 12:0 a.m. | 49 views

[ MDVSA-2015:051 ] sympa

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:051 http://www.mandriva.com/en/support/security/ Package : sympa Date : March 3, 2015 Affected: Business Server 1.0 Problem Description: Updated sympa packages fix security vulnerability: A vulnerability hav...

CVSS 5 | AI score 6.2 | EPSS 0.02436
Exploits: 0

Mageia
added 2015/02/26 8:26 a.m. | 28 views

Updated sympa packages fix CVE-2015-1306

Updated sympa packages fix security vulnerability: A vulnerability have been discovered in Sympa web interface that allows access to files on the server filesystem. This breach allows to send to a list or a user any file readable by the Sympa user, located on the server filesystem, using the Symp...

AI score 6.4
Exploits: 0 | References: 3

Debian
added 2015/02/07 10:54 a.m. | 22 views

[SECURITY] [DLA 148-1] sympa security update

Package : sympa Version : 6.0.1+dfsg-4+squeeze3 CVE ID : CVE-2015-1306 A vulnerability has been discovered in the web interface of sympa, a mailing list manager. An attacker could take advantage of this flaw in the newsletter posting area, which allows sending to a list, or to oneself, any file...

CVSS 5 | AI score 5.8 | EPSS 0.02436
Exploits: 0

Tenable Nessus
added 2015/01/21 12:0 a.m. | 29 views

Debian DSA-3134-1 : sympa - security update

A vulnerability has been discovered in the web interface of sympa, a mailing list manager. An attacker could take advantage of this flaw in the newsletter posting area, which allows sending to a list, or to oneself, any file located on the server filesystem and readable by the sympa user...

CVSS 5 | AI score 5.4 | EPSS 0.02436
Exploits: 0 | References: 3

OSV
added 2015/01/20 12:0 a.m. | 17 views

DSA-3134-1 sympa - security update

Bulletin has no description...

CVSS 5 | AI score 6.1 | EPSS 0.02436
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 24 views

Cobalt RaQ 2.0/3.0/4.0 XTR MultiFileUpload.php Authentication Bypass Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/4252/info Cobalt RaQ is a server appliance for Internet-based services. It is distributed and maintained by Sun Microsystems. The 'MultiFileUpload.php' script is not sufficiently protected from outside access. While other...

AI score 7.1
Exploits: 0

exploitpack
added 2014/03/12 12:0 a.m. | 36 views

vTiger CRM 5.4.0/6.0 RC/6.0.0 GA - browse.php Local File Inclusion

vTiger CRM 5.4.0/6.0 RC/6.0.0 GA - browse.php Local File Inclusion CVE: CVE-2014-1222 Vendor: Vtiger Product: CRM Affected version: Vtiger 5.4.0, 6.0 RC & 6.0.0 GA Fixed version: Vtiger 6.0.0 Security patch 1 Reported by: Jerzy Kramarz Details: A local file inclusion vulnerability was discovered in...

CVSS 4 | AI score 0.4 | EPSS 0.08795
Exploits: 10

Tenable Nessus
added 2004/08/20 12:0 a.m. | 15 views

Platinum FTP server Multiple Vulnerabilities

Binary data 1825.prm...

AI score 7.3
Exploits: 0