11 matches found
📄 Nexus Repository Manager 3.53.0-01 File Disclosure / Traversal
A critical path traversal vulnerability exists in Sonatype Nexus Repository Manager 3 that allows unauthenticated attackers to read arbitrary files from the server filesystem through crafted URL paths. This is a proof of concept for an issue discovered in 2024...
Sonatype Nexus Repository 3.53.0-01 - Path Traversal
Exploit Title: Sonatype Nexus Repository 3.53.0-01 - Path Traversal Google Dork: header="Server: Nexus/3.53.0-01 OSS" Date: 2024-09-22 Exploit Author: VeryLazyTech GitHub: https://github.com/verylazytech/CVE-2024-4956 Vendor Homepage: https://www.sonatype.com/nexus-repository Software Link:...
CVE-2024-4956
Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1...
Exploit for CVE-2024-4956
CVE-2024-4956 CVE-2024-4956 is a serious path traversal vulne...
Exploit for CVE-2024-4956
CVE-2024-4956 All information is provided for informational...
Exploit for CVE-2024-4956
Badges !MIT Licensehttps://img.shields.io/badge/Licens...
Exploit for CVE-2024-4956
CVE-2024-4956-Sonatype-Nexus-Repository-Manager Sonatype Ne...
CVE-2024-4956
creationtimestamp| type| source ---|---|--- 2024-05-23 08:17:43+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7389 2024-05-23 08:22:01+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7390 2024-05-23 11:27:11+00:00| published-proof-of-concept|...
CVE-2024-4956
Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1...
CVE-2024-4956
Affected product: Sonatype Nexus Repository 3. Vulnerability: Path Traversal (CWE-22) allowing an unauthenticated attacker to read system files. Root cause / details: Unauthenticated path traversal in Nexus Repository 3 enables access to sensitive files; fixed in version 3.68.1. Impact (as stated...
CVE-2024-4956 Nexus Repository 3 - Path Traversal
Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1...