Lucene search
K

7 matches found

EUVD
EUVD
added 2026/03/11 12:9 a.m.5 views

EUVD-2026-10910

OliveTin's unsafe parsing of UniqueTrackingId can be used to write files...

8.5CVSS5.8AI score0.00712EPSS
Exploits1References3
NVD
NVD
added 2026/03/10 10:16 p.m.5 views

CVE-2026-31817

OliveTin gives access to predefined shell commands from a web interface. Prior to 3000.11.2, when the saveLogs feature is enabled, OliveTin persists execution log entries to disk. The filename used for these log files is constructed in part from the user-supplied UniqueTrackingId field in the...

8.5CVSS0.00712EPSS
Exploits1References1
OSV
OSV
added 2026/03/10 9:8 p.m.4 views

CVE-2026-31817 OliveTin's unsafe parsing of UniqueTrackingId can be used to write files

OliveTin gives access to predefined shell commands from a web interface. Prior to 3000.11.2, when the saveLogs feature is enabled, OliveTin persists execution log entries to disk. The filename used for these log files is constructed in part from the user-supplied UniqueTrackingId field in the...

8.5CVSS6.1AI score0.00712EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/10 9:8 p.m.4 views

CVE-2026-31817

OliveTin gives access to predefined shell commands from a web interface. Prior to 3000.11.2, when the saveLogs feature is enabled, OliveTin persists execution log entries to disk. The filename used for these log files is constructed in part from the user-supplied UniqueTrackingId field in the...

8.5CVSS6AI score0.00712EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/03/10 9:8 p.m.27 views

CVE-2026-31817 OliveTin's unsafe parsing of UniqueTrackingId can be used to write files

OliveTin gives access to predefined shell commands from a web interface. Prior to 3000.11.2, when the saveLogs feature is enabled, OliveTin persists execution log entries to disk. The filename used for these log files is constructed in part from the user-supplied UniqueTrackingId field in the...

8.5CVSS0.00712EPSS
Exploits1References1
CVE
CVE
added 2026/03/10 9:8 p.m.10 views

CVE-2026-31817

OliveTin before 3000.11.2 exposes an unsafe file path construction in SaveLogs: the StartAction API’s user-supplied UniqueTrackingId is used in log file paths without validation, enabling directory traversal (e.g., ../../../) to write files to arbitrary filesystem locations. This impacts systems ...

8.5CVSS6AI score0.00712EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.6 views

PT-2026-24467

Name of the Vulnerable Software and Affected Versions OliveTin versions prior to 3000.11.2 Description OliveTin provides access to predefined shell commands through a web interface. When the saveLogs feature is enabled, OliveTin persists execution log entries to disk. The filename for these logs ...

9.9CVSS6AI score0.22162EPSS
Exploits68References138
Rows per page
Query Builder