Lucene search
K

25 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-28610

Malicious code in bioql PyPI...

5.3CVSS5.6AI score0.01771EPSS
Exploits0References5
Node.js
Node.js
added 2019/11/29 5:54 p.m.28 views

Arbitrary File Write

Overview Versions of iobroker.controller prior to 2.0.25 are vulnerable to Path Traversal. The package fails to restrict access to folders outside of the intended /adapter/ folder, which may allow attackers to include arbitrary files in the system. An attacker would need to be authenticated to...

5CVSS4.1AI score0.02158EPSS
Exploits1Affected Software1
OSV
OSV
added 2017/05/18 4:29 p.m.23 views

CVE-2017-9067

In MODX Revolution before 2.5.7, when PHP 5.3.3 is used, an attacker is able to include and execute arbitrary files on the web server due to insufficient validation of the action parameter to setup/index.php, aka directory traversal...

7CVSS7.5AI score0.0082EPSS
Exploits1References3
Cvelist
Cvelist
added 2017/05/03 5:0 p.m.22 views

CVE-2016-9976

IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted URL request, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-Force ID: 120252...

8.4AI score0.01715EPSS
Exploits0References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

PAJAX Remote Command Execution

No description provided by source. $Id: pajaxremoteexec.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2011/09/09 12:0 a.m.21 views

Xataface WebAuction and Xataface Librarian DB - Multiple Vulnerabilities

Title : Xataface WebAuction and Xataface Librarian DB Multiple Vulnerabilities. Author : Antu Sanadi SecPod Technologies www.secpod.com Vendor : http://xataface.com/ Advisory : http://secpod.org/blog/?p=350 http://secpod.org/advisories/SECPODXatafaceWebauctionMultVuln.txt Software : Xataface...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2011/05/16 12:0 a.m.26 views

eFront 3.6.9 Build 10653 Local File Inclusion

------------------------------------------------------------------------ Software................eFront 3.6.9 build 10653 Vulnerability...........Local File Inclusion Threat Level............Critical 4/5 Download................http://www.efrontlearning.net/ Discovery Date..........5/12/2011 Test...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2009/06/30 10:0 a.m.19 views

CVE-2009-2263

Directory traversal vulnerability in index.php in Awesome PHP Mega File Manager 1.0 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathnam...

7.3AI score0.02444EPSS
Exploits0References2
Cvelist
Cvelist
added 2009/06/05 9:0 p.m.27 views

CVE-2008-6825

Directory traversal vulnerability in user/index.php in Fonality trixbox CE 2.6.1 and earlier allows remote attackers to include and execute arbitrary files via a .. dot dot in the langChoice parameter...

7.2AI score0.20271EPSS
Exploits2References5
NVD
NVD
added 2009/02/24 6:30 p.m.14 views

CVE-2009-0722

Directory traversal vulnerability in admin.php in Potato News 1.0.0 allows remote attackers to include and execute arbitrary files via a .. dot dot in the user cookie parameter...

7.5CVSS7.2AI score0.02296EPSS
Exploits1References2
NVD
NVD
added 2008/11/19 6:11 p.m.15 views

CVE-2008-5171

Multiple directory traversal vulnerabilities in admin/minibb/index.php in phpBLASTER CMS 1.0 RC1, when registerglobals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the 1 DB, 2 lang, and 3 skin parameters...

9.3CVSS7.3AI score0.03252EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2008/06/20 12:0 a.m.60 views

FubarForum 1.5 - 'index.php' Local File Inclusion

Name : FubarForum v1.5 Local File Inclusion Vulnerability Author : cOndemned Dork : for ex. "Powered by FubarForum v1.5" Greetz : TBH, GregStar, ZaBeaTy, irk4z, Hawk, Sandtalker & Avantura ; Source : // index.php 5. if !empty$GET'page' $page = $GET'page'; // ---- $page is being sended using GET...

7AI score
Exploits0
Prion
Prion
added 2007/06/19 6:30 p.m.17 views

Directory traversal

Directory traversal vulnerability in webif.cgi in ifnet WEBIF allows remote attackers to include and execute arbitrary local files a .. dot dot in the outconfig parameter...

9CVSS7.7AI score0.0786EPSS
Exploits1References7
seebug.org
seebug.org
added 2007/03/29 12:0 a.m.29 views

Softerra Time-Assistant <= 6.2 (inc_dir) Remote File Inclusion Vuln

No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV80$2007 ----------------------------------------------------------------------------------------- ECHOADV80$2007 Softerra Time-Assistant = 6.2 incdir Remote File Inclusion...

7.1AI score
Exploits0
NVD
NVD
added 2006/12/31 5:0 a.m.10 views

CVE-2006-4579

Directory traversal vulnerability in users.php in The Address Book 1.04e allows remote attackers to include arbitrary files via a .. dot dot in the language parameter...

5CVSS6.7AI score0.01703EPSS
Exploits1References5
Cvelist
Cvelist
added 2006/11/10 1:0 a.m.21 views

CVE-2006-5834

Directory traversal vulnerability in general.php in OpenSolution Quick.Cms.Lite 0.3 allows remote attackers to include arbitrary files via a .. dot dot sequence in the sLanguage Cookie parameter...

6.7AI score0.02273EPSS
Exploits1References5
Exploit DB
Exploit DB
added 2006/06/15 12:0 a.m.44 views

DeluxeBB 1.06 - 'templatefolder' Remote File Inclusion

Secunia Research has discovered some vulnerabilities in DeluxeBB, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system. 1 Input passed to the "templatefolder" parameter in various scripts isn't properly verified, before it is used to inclu...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/06/15 12:0 a.m.14 views

DeluxeBB 1.06 - templatefolder Remote File Inclusion

DeluxeBB 1.06 - templatefolder Remote File Inclusion Secunia Research has discovered some vulnerabilities in DeluxeBB, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system. 1 Input passed to the "templatefolder" parameter in various script...

7.5AI score
Exploits0
NVD
NVD
added 2006/05/03 10:2 a.m.14 views

CVE-2006-2156

Directory traversal vulnerability in help/index.php in X7 Chat 2.0 and earlier allows remote attackers to include arbitrary files via .. dot dot sequences in the helpfile parameter...

6.4CVSS6.7AI score0.07922EPSS
Exploits1References8
Prion
Prion
added 2006/03/07 11:2 a.m.14 views

Code injection

config/configinc.php in iGENUS Webmail 2.02 and earlier allows remote attackers to include arbitrary local files via the SGHOME parameter...

7.5CVSS7.2AI score0.03133EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder