
5 matches found

Openbugbounty
added 2020/01/28 6:46 p.m., 9 views

white-oak-stables.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1077381. Security researcher geeknik (helped patch 8924 vulnerabilities, received 8 Coordinated Disclosure badges, received 21 recommendations), a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting white-oak-stables.com...

AI score: 0.2
Exploits: 0

Prion
added 2017/01/23 7:59 a.m., 15 views

Directory traversal

The patch for directory traversal CVE-2017-5480 in b2evolution version 6.8.4-stable has a bypass vulnerability. An attacker can use ../ to bypass the filter rule. Then, this attacker can exploit this vulnerability to delete or read any files on the server. It can also be used to determine whether...

CVSS: 9, AI score: 7.9, EPSS: 0.0414
Exploits: 0, References: 4, Affected Software: 1

NVD
added 2017/01/15 10:59 p.m., 16 views

CVE-2017-5480

Directory traversal vulnerability in inc/files/files.ctrl.php in b2evolution through 6.8.3 allows remote authenticated users to read or delete arbitrary files by leveraging back-office access to provide a .. (dot dot) in the fm_selected array parameter...

CVSS: 8.1, AI score: 8.3, EPSS: 0.02441
Exploits: 0, References: 3

OSV
added 2017/01/15 10:59 p.m., 19 views

CVE-2017-5480

Directory traversal vulnerability in inc/files/files.ctrl.php in b2evolution through 6.8.3 allows remote authenticated users to read or delete arbitrary files by leveraging back-office access to provide a .. (dot dot) in the fm_selected array parameter...

CVSS: 8.1, AI score: 6.4
Exploits: 0, References: 3

CVE
added 2017/01/15 10:0 p.m., 51 views

CVE-2017-5480

The CVE-2017-5480 issue affects b2evolution’s back-office flow, specifically the PHP file inc/files/files.ctrl.php. A directory traversal flaw permits remote authenticated users to read or delete arbitrary files by injecting a dot-dot sequence into the fm_selected array parameter. Affected softwa...

CVSS: 8.1, AI score: 7.5, EPSS: 0.02441
Exploits: 0, References: 3, Affected Software: 1