Lucene search
K

4 matches found

Cvelist
Cvelist
added 2025/09/25 2:41 p.m.10 views

CVE-2025-36857 Rapid7 Appspider Broken Access Control Vulnerability

Rapid7 Appspider Pro versions below 7.5.021, suffer from a broken access control vulnerability in the application's configuration file loading mechanism, whereby an attacker can place files in directories belonging to other users or projects. Affected versions allow standard users to add custom...

3.3CVSS0.00118EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/25 12:0 a.m.5 views

PT-2025-39395

Name of the Vulnerable Software and Affected Versions Rapid7 Appspider Pro versions prior to 7.5.021 Description The application has a broken access control issue in how it loads configuration files. Standard users can add custom configuration files, which are loaded alphabetically and can overri...

3.3CVSS6.6AI score0.00118EPSS
Exploits0References6
seebug.org
seebug.org
added 2008/08/26 12:0 a.m.16 views

GeekLog <= 1.5.0 Remote Arbitrary File Upload Exploit

No description provided by source. !/usr/bin/perl use warnings; use strict; use LWP::UserAgent; use HTTP::Request::Common; print INTRO; +++++++++++++++++++++++++++++++++++++++++++++++++++++ + GeekLog = 1.5.0 Remote Arbitrary File Upload + + + + Discovered && Coded By: t0pP8uZz + + + + 0day?!?Most...

7.1AI score
Exploits0
NVD
NVD
added 2001/10/30 5:0 a.m.16 views

CVE-2001-0713

Sendmail before 8.12.1 does not properly drop privileges when the -C option is used to load custom configuration files, which allows local users to gain privileges via malformed arguments in the configuration file whose names contain characters with the high bit set, such as 1 macro names that ar...

4.6CVSS6.5AI score0.00326EPSS
Exploits0References3
Rows per page
Query Builder