CVE-2018-15386
A vulnerability in Cisco Digital Network Architecture DNA Center could allow an unauthenticated, remote attacker to bypass authentication and have direct unauthorized access to critical management functions. The vulnerability is due to an insecure default configuration of the affected system. An...
Authentication flaw
A vulnerability in Cisco Digital Network Architecture DNA Center could allow an unauthenticated, remote attacker to bypass authentication and have direct unauthorized access to critical management functions. The vulnerability is due to an insecure default configuration of the affected system. An...
CVE-2018-11241
An issue was discovered on SoftCase T-Router build 20112017 devices. A remote attacker can read and write to arbitrary files on the system as root, as demonstrated by code execution after writing to a crontab file. This is fixed in production builds as of Spring 2018...
Directory Traversal
camel-mail is vulnerable to a directory traversal attack. The library does not properly sanitize the file path, allowing a malicious user to gain access to the files on the system...
The vulnerability in the firmware of FL SWITCH managed switches arises from operations that go beyond the buffer boundaries in memory. This allows attackers to access device operating system files and execute arbitrary code.
The vulnerability in the firmware of FL SWITCH managed switches from Phoenix Contact arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to the device’s operating...
CVE-2018-16539
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable...
Information Disclosure
libglusterfs.so is vulnerable to information disclosure. A malicious user can send an xattr request to the application to discover what files are on the system...
yum-utils: reposync: improper path validation may lead to directory traversal
A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path...
Directory Traversal
simplehttpserver is vulnerable to directory traversal. An attacker is able to exploit the vulnerability to retrieve and view system files by using the characters ../ in the directory path of the URL...
PCViewer vt1000 - Directory Traversal
Exploit Title: PCViewer vt1000 - Directory Traversal Exploit Author: Berk Dusunur Google Dork: N/A Type: Hardware Date: 2018-07-21 Vendor Homepage: N/A Software Link: http://www.softpedia.com/get/System/File-Management/Pc-Viewer.shtml Affected Version: vt1000 Tested on: Parrot OS CVE : N/A Proof ...
CVE-2018-14927
Matera Banco 1.0.0 is vulnerable to path traversal allowing access to system files outside the default application folder via the /contingency/servlet/ServletFileDownload file parameter, related to /contingency/web/receiptQuery/receiptDisplay.jsp...
CVE-2018-10897
A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path...
Path traversal
A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path...
CleanMyMac3 Local Privilege Escalation Exploit
Exploit for macOS platform in category local exploits. CleanMyMac3 installs a rooted helper com.macpaw.CleanMyMac3.Agent, and its XPC interface does not validate anything. In CMPrivilegedOperation protocol, there is actually more than one way to execute privileged code. The most straightforward o...
Directory Traversal
MODX Revolution is vulnerable to directory traversal. This is due to a lack of sanitization of file paths in /core/model/modx/modmanagerrequest.class.php which allows an attacker to exploit this vulnerability by adding the ../ characters in the web request via the security/login processor to dele...
CVE-2016-9491
ManageEngine Applications Manager 12 and 13 before build 13690 allows an authenticated user, who is able to access /register.do page (most likely limited to administrator), to browse the filesystem and read the system files, including Applications Manager configuration, stored private keys, etc. By...
Design/Logic Flaw
ManageEngine Applications Manager 12 and 13 before build 13690 allows an authenticated user, who is able to access /register.do page (most likely limited to administrator), to browse the filesystem and read the system files, including Applications Manager configuration, stored private keys, etc. By...
EyouCms V1.0.4 Arbitrary File Reading Vulnerability
Eyou Content Management System (EyouCms) is an open source CMS built on PHP and MySQL, dedicated to website construction for small and medium-sized enterprises. EyouCms V1.0.4 has an arbitrary file reading vulnerability. An attacker can use this vulnerability to read any file in the system...