Lucene search
K

8 matches found

Nuclei
Nuclei
added 2 days ago28 views

GrandNode 4.40 - Local File Inclusion

GrandNode 4.40 is susceptible to local file inclusion in Controllers/LetsEncryptController.cs, which allows remote unauthenticated attackers to retrieve arbitrary files on the web server via specially crafted LetsEncrypt/Index?fileName= HTTP requests. id: CVE-2019-12276 info: name: GrandNode 4.40...

7.5CVSS7.1AI score0.53705EPSS
Exploits4References5
Circl
Circl
added 2024/11/08 12:0 a.m.254 views

CVE-2019-12276

creationtimestamp| type| source ---|---|--- 2024-11-08 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2024-11-08 2024-12-23 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2024-12-23 2024-12-24 00:00:00+00:00| seen| The Shadowserver...

7.5CVSS7AI score0.53705EPSS
In wildExploits4References3
Check Point Advisories
Check Point Advisories
added 2020/07/06 12:0 a.m.3 views

GrandNode LetsEncryptController Directory Traversal (CVE-2019-12276)

A directory traversal vulnerability exists in GrandNode. Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...

5CVSS5.2AI score0.53705EPSS
Exploits4
0day.today
0day.today
added 2019/06/26 12:0 a.m.345 views

GrandNode 4.40 - Path Traversal / Arbitrary File Download Vulnerabilities

Exploit for multiple platform in category web applications Exploit Title: GrandNode Path Traversal & Arbitrary File Download Unauthenticated Exploit Author: Corey Robinson https://twitter.com/CRobSec Vendor Homepage: https://grandnode.com/ Software Link:...

5CVSS7.6AI score0.53705EPSS
Exploits4
exploitpack
exploitpack
added 2019/06/24 12:0 a.m.24 views

GrandNode 4.40 - Path Traversal Arbitrary File Download

GrandNode 4.40 - Path Traversal Arbitrary File Download Exploit Title: GrandNode Path Traversal & Arbitrary File Download Unauthenticated Date: 06/23/3019 Exploit Author: Corey Robinson https://twitter.com/CRobSec Vendor Homepage: https://grandnode.com/ Software Link:...

5CVSS7.6AI score0.53705EPSS
Exploits4
Packet Storm
Packet Storm
added 2019/06/24 12:0 a.m.117 views

GrandNode 4.40 Path Traversal / File Download

Exploit Title: GrandNode Path Traversal & Arbitrary File Download Unauthenticated Date: 06/23/3019 Exploit Author: Corey Robinson https://twitter.com/CRobSec Vendor Homepage: https://grandnode.com/ Software Link:...

5CVSS7.6AI score0.53705EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/06/24 12:0 a.m.202 views

GrandNode 4.40 - Path Traversal / Arbitrary File Download

Exploit Title: GrandNode Path Traversal & Arbitrary File Download Unauthenticated Date: 06/23/3019 Exploit Author: Corey Robinson https://twitter.com/CRobSec Vendor Homepage: https://grandnode.com/ Software Link:...

7.5CVSS7.8AI score0.53705EPSS
Exploits4
CVE
CVE
added 2019/06/05 5:30 p.m.90 views

CVE-2019-12276

GrandNode 4.40 is affected by a Local File Inclusion (path traversal) in Controllers/LetsEncryptController.cs. Remote, unauthenticated attackers could retrieve arbitrary files on the web server via letsEncrypt/Index?fileName= requests. The issue is mitigated by a patch released on 2019-05-30 in G...

7.5CVSS7.4AI score0.53705EPSS
In wildExploits4References3Affected Software1
Rows per page
Query Builder