Lucene search
K

6 matches found

Hacker One
Hacker One
added 2020/09/12 9:50 p.m.43 views

Mail.ru: Path traversal lead to LFR via [CVE-2019-3394]

Path traversal lead to Local File Read via CVE-2019-3403 in confluence.plazius.ru...

5CVSS3.8AI score0.52637EPSS
Exploits2
Packet Storm
Packet Storm
added 2019/08/31 12:0 a.m.367 views

Confluence Server Local File Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 This email refers to the advisory found at https://confluence.atlassian.com/x/uAsvOg . CVE ID: CVE-2019-3394. Product: Confluence Server. Affected Confluence Server product versions: 6.1.0 = 6.1.0 but less than 6.6.16 or who have downloaded and...

8.8AI score0.11406EPSS
Exploits1
NVD
NVD
added 2019/08/29 3:15 p.m.19 views

CVE-2019-3394

There was a local file disclosure vulnerability in Confluence Server and Confluence Data Center via page exporting. An attacker with permission to editing a page is able to exploit this issue to read arbitrary file on the server under /confluence/WEB-INF directory, which may contain configuration...

8.8CVSS8.2AI score0.11406EPSS
Exploits1References2
CVE
CVE
added 2019/08/29 2:32 p.m.108 views

CVE-2019-3394

CVE-2019-3394 affects Atlassian Confluence Server/Data Center: a local file disclosure in the page export feature allows an authenticated attacker with page-edit permission to read arbitrary files under the Confluence install directory (notably /confluence/WEB-INF). Impact could include leakage o...

8.8CVSS8AI score0.11406EPSS
Exploits1References2Affected Software2
Atlassian
Atlassian
added 2019/08/19 8:17 p.m.88 views

Local File Disclosure via Word Export in Confluence Server - CVE-2019-3394

Confluence Server and Data Center had a local file disclosure vulnerability in the page export function. A remote attacker who has Add Page space permission would be able to read arbitrary files in the /confluence/WEB-INF/ directory and it's subdirectories, which may contain configuration files...

8.8CVSS2.6AI score0.11406EPSS
Exploits1Affected Software1
Atlassian
Atlassian
added 2019/08/19 8:17 p.m.37 views

Local File Disclosure via Word Export in Confluence Server - CVE-2019-3394

Confluence Server and Data Center had a local file disclosure vulnerability in the page export function. A remote attacker who has Add Page space permission would be able to read arbitrary files in the /confluence/WEB-INF/ directory and it's subdirectories, which may contain configuration files...

8.8CVSS2.6AI score0.11406EPSS
Exploits1
Rows per page
Query Builder