6 matches found
CVE-2019-18393
PluginServlet.java in Ignite Realtime Openfire through 4.4.2 does not ensure that retrieved files are located under the Openfire home directory, aka a directory traversal vulnerability...
VulnCheck KEV: CVE-2019-18393
PluginServlet.java in Ignite Realtime Openfire through 4.4.2 does not ensure that retrieved files are located under the Openfire home directory, aka a directory traversal vulnerability...
CVE-2019-18393
creationtimestamp| type| source ---|---|--- 2024-01-27 10:16:25+00:00| seen| https://t.me/ctinow/174726 2025-07-11 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-07-11 2025-07-27 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities -...
Exploit for Path Traversal in Igniterealtime Openfire
PoC exploit for CVE-2019-18393 and CVE-2019-18394, which are related to MongoDB and Redis vulnerabilities. The repository contains information on how to exploit these vulnerabilities, including a demonstration of how an attacker can gain unauthorized access to a MongoDB database and a Redis serve...
CVE-2019-18393
PluginServlet.java in Ignite Realtime Openfire through 4.4.2 does not ensure that retrieved files are located under the Openfire home directory, aka a directory traversal vulnerability...
CVE-2019-18393
Openfire