Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:18 a.m.7 views

CVE-2019-18952

SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP...

9.8CVSS7.4AI score0.45361EPSS
Exploits6References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:21 a.m.6 views

CVE-2019-18951

SibSoft Xfilesharing through 2.5.1 allows op=page=../ directory traversal to read arbitrary files...

7.5CVSS6.4AI score0.19781EPSS
Exploits5References1
VulnCheck KEV
VulnCheck KEV
added 2022/01/12 12:0 a.m.4 views

VulnCheck KEV: CVE-2019-18952

SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP...

9.8CVSS7.8AI score0.45361EPSS
Exploits6References1
CNVD
CNVD
added 2019/11/14 12:0 a.m.4 views

SibSoft Xfilesharing File Upload Vulnerability

SibSoft Xfilesharing is a file sharing solution from the Russian company SibSoft. A file upload vulnerability exists in SibSoft Xfilesharing. An attacker can exploit this vulnerability to achieve remote code execution...

9.8CVSS8.1AI score0.45361EPSS
Exploits5References1
OSV
OSV
added 2019/11/13 11:15 p.m.4 views

CVE-2019-18951

SibSoft Xfilesharing through 2.5.1 allows op=page&tmpl=../ directory traversal to read arbitrary files...

7.5CVSS7.3AI score0.19781EPSS
Exploits5References2
OSV
OSV
added 2019/11/13 11:15 p.m.5 views

CVE-2019-18952

SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP...

9.8CVSS7.7AI score0.45361EPSS
Exploits5References2
NVD
NVD
added 2019/11/13 11:15 p.m.12 views

CVE-2019-18952

SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP...

9.8CVSS7.9AI score0.45361EPSS
Exploits5References2
Prion
Prion
added 2019/11/13 11:15 p.m.11 views

Design/Logic Flaw

SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP...

7.5CVSS8.2AI score0.45361EPSS
Exploits6References2Affected Software1
Cvelist
Cvelist
added 2019/11/13 10:38 p.m.20 views

CVE-2019-18952

SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP...

8.9AI score0.45361EPSS
Exploits5References2
CVE
CVE
added 2019/11/13 10:38 p.m.213 views

CVE-2019-18952

CVE-2019-18952 affects SibSoft Xfilesharing up to version 2.5.1, enabling an arbitrary file upload through cgi-bin/up.cgi. The accompanying data shows this can be chained with CVE-2019-18951 (directory traversal via op=page&tmpl=…) to achieve remote code execution, using a crafted HTML file serve...

9.8CVSS8.8AI score0.45361EPSS
In wildExploits5References2Affected Software1
CVE
CVE
added 2019/11/13 10:38 p.m.207 views

CVE-2019-18951

CVE-2019-18951 affects SibSoft Xfilesharing up to version 2.5.1. The vulnerability is a directory traversal via op=page&tmpl=../, allowing reading arbitrary files. Public sources in the connected documents corroborate a path traversal/LFI-style exposure, with exploit context and mention of a comb...

7.5CVSS8.4AI score0.19781EPSS
In wildExploits5References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2019/11/13 12:0 a.m.604 views

CVE-2019-18952

SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value:...

9.8CVSS4.3AI score0.45361EPSS
In wildExploits6References3
Rows per page
Query Builder