Lucene search
K

14 matches found

OpenVAS
OpenVAS
added 2016/02/02 12:0 a.m.19 views

openSUSE: Security Advisory for roundcubemail (openSUSE-SU-2016:0213-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.22212EPSS
Exploits5References1
UbuntuCve
UbuntuCve
added 2016/01/29 7:59 p.m.15 views

CVE-2015-8770

Directory traversal vulnerability in the setskin function in program/include/rcmailoutputhtml.php in Roundcube before 1.0.8 and 1.1.x before 1.1.4 allows remote authenticated users with certain permissions to read arbitrary files or possibly execute arbitrary code via a .. dot dot in the skin...

7.5CVSS7.4AI score0.22212EPSS
Exploits5References2
OSV
OSV
added 2016/01/29 7:59 p.m.7 views

CVE-2015-8770

Directory traversal vulnerability in the setskin function in program/include/rcmailoutputhtml.php in Roundcube before 1.0.8 and 1.1.x before 1.1.4 allows remote authenticated users with certain permissions to read arbitrary files or possibly execute arbitrary code via a .. dot dot in the skin...

7.5CVSS7.6AI score
Exploits0References13
CVE
CVE
added 2016/01/29 7:0 p.m.84 views

CVE-2015-8770

CVE-2015-8770 is a path traversal vulnerability in Roundcube’s skin handling. Specifically, the set_skin function in Roundcube’s rcmail_output_html.php (affected in versions prior to 1.0.8 and 1.1.x prior to 1.1.4) allows remote authenticated users with required permissions to read arbitrary file...

7.5CVSS7.5AI score0.22212EPSS
Exploits5References12Affected Software1
Debian CVE
Debian CVE
added 2016/01/29 7:0 p.m.27 views

CVE-2015-8770

Directory traversal vulnerability in the setskin function in program/include/rcmailoutputhtml.php in Roundcube before 1.0.8 and 1.1.x before 1.1.4 allows remote authenticated users with certain permissions to read arbitrary files or possibly execute arbitrary code via a .. dot dot in the skin...

7.5CVSS7.7AI score0.22212EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2016/01/26 12:0 a.m.25 views

openSUSE Security Update : roundcubemail (openSUSE-2016-81)

This update to roundcubemail 1.0.8 fixes the following issues : - CVE-2015-8770: Path traversal vulnerability allowed code execution to remote authenticated users if they were also upload files to the same server through some other method boo962067 This update also contains all upstream fixes in...

7.5CVSS7.5AI score0.22212EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2016/01/26 12:0 a.m.17 views

openSUSE Security Update : roundcubemail (openSUSE-2016-80)

This update to roundcubemail 1.1.4 fixes the following issues : - CVE-2015-8770: Path traversal vulnerability allowed code execution to remote authenticated users if they were also upload files to the same server through some other method boo962067 This update also contains all upstream fixes in...

7.5CVSS7.5AI score0.22212EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2016/01/25 12:0 a.m.31 views

openSUSE: Security Advisory for roundcubemail (openSUSE-SU-2016:0210-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.22212EPSS
Exploits5References1
OPENSUSE Linux
OPENSUSE Linux
added 2016/01/24 3:12 p.m.27 views

Security update for roundcubemail (important)

This update to roundcubemail 1.1.4 fixes the following issues: - CVE-2015-8770: Path traversal vulnerability allowed code execution to remote authenticated users if they were also upload files to the same server through some other method boo962067 This update also contains all upstream fixes in...

6CVSS4AI score0.22212EPSS
Exploits5References1
OPENSUSE Linux
OPENSUSE Linux
added 2016/01/24 3:11 p.m.28 views

Security update for roundcubemail (important)

This update to roundcubemail 1.0.8 fixes the following issues: - CVE-2015-8770: Path traversal vulnerability allowed code execution to remote authenticated users if they were also upload files to the same server through some other method boo962067 This update also contains all upstream fixes in...

6CVSS4AI score0.22212EPSS
Exploits5References1
Debian
Debian
added 2016/01/17 6:27 p.m.30 views

[SECURITY] [DLA 392-1] roundcube security update

Package : roundcube Version : 0.3.1-6+deb6u1 CVE ID : CVE-2015-8770 High-Tech Bridge Security Research Lab discovered a path traversal vulnerability in a popular webmail client Roundcube. Vulnerability can be exploited to gain access to sensitive information and under certain circumstances to...

7.5CVSS7.8AI score0.22212EPSS
Exploits5
0day.today
0day.today
added 2016/01/15 12:0 a.m.91 views

Roundcube 1.1.3 - Directory Traversal

Exploit for php platform in category web applications Product: Roundcube Vendor: Roundcube.net Vulnerable Versions: 1.1.3 and probably prior Tested Version: 1.1.3 Advisory Publication: December 21, 2015 without technical details Vendor Notification: December 21, 2015 Vendor Patch: December 26, 20...

6CVSS0.1AI score0.22212EPSS
Exploits5
exploitpack
exploitpack
added 2016/01/15 12:0 a.m.46 views

Roundcube Webmail 1.1.3 - Directory Traversal

Roundcube Webmail 1.1.3 - Directory Traversal Advisory ID: HTB23283 Product: Roundcube Vendor: Roundcube.net Vulnerable Versions: 1.1.3 and probably prior Tested Version: 1.1.3 Advisory Publication: December 21, 2015 without technical details Vendor Notification: December 21, 2015 Vendor Patch:...

6CVSS0.2AI score0.22212EPSS
Exploits5
Exploit DB
Exploit DB
added 2016/01/15 12:0 a.m.145 views

Roundcube Webmail 1.1.3 - Directory Traversal

Advisory ID: HTB23283 Product: Roundcube Vendor: Roundcube.net Vulnerable Versions: 1.1.3 and probably prior Tested Version: 1.1.3 Advisory Publication: December 21, 2015 without technical details Vendor Notification: December 21, 2015 Vendor Patch: December 26, 2015 Public Disclosure: January 13...

7.5CVSS7.5AI score0.22212EPSS
Exploits5
Rows per page
Query Builder