Lucene search
K

167 matches found

github
github
added 2018/10/19 4:52 p.m.32 views

High severity vulnerability that affects org.dspace:dspace-xmlui

The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a pathname, as demonstrated by a themes/Reference/aa:etc/passwd URI...

7.5CVSS5.2AI score0.02856EPSS
Exploits0References5Affected Software1
cnvd
cnvd
added 2018/07/12 12:0 a.m.6 views

Dspace Directory Traversal Vulnerability

Dspace is an open source digital asset management system. The system is primarily used to manage and distribute data consisting of digital files or "bitstreams". A directory traversal vulnerability exists in the XMLUI functionality in Dspace versions prior to 3.6, 4.x versions prior to 4.5, and 5...

7.5CVSS7.4AI score0.02856EPSS
Exploits0References1
osv
osv
added 2018/07/10 11:29 a.m.13 views

CVE-2016-10726

The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a pathname, as demonstrated by a themes/Reference/aa:etc/passwd URI...

7.5CVSS7AI score
Exploits0References3
nvd
nvd
added 2018/07/10 11:29 a.m.21 views

CVE-2016-10726

The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a pathname, as demonstrated by a themes/Reference/aa:etc/passwd URI...

7.5CVSS7.6AI score0.02856EPSS
Exploits0References3
prion
prion
added 2018/07/10 11:29 a.m.13 views

Directory traversal

The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a pathname, as demonstrated by a themes/Reference/aa:etc/passwd URI...

5CVSS7.2AI score0.02856EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2018/07/10 11:0 a.m.24 views

CVE-2016-10726

The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a pathname, as demonstrated by a themes/Reference/aa:etc/passwd URI...

7.6AI score0.02856EPSS
Exploits0References3
cve
cve
added 2018/07/10 11:0 a.m.71 views

CVE-2016-10726

CVE-2016-10726 affects the DSpace XMLUI component. It describes a directory traversal vulnerability in the XMLUI feature present in DSpace versions: before 3.6, 4.x before 4.5, and 5.x before 5.5. The underlying issue is traversal via the themes/ path when a URI contains two or more arbitrary cha...

7.5CVSS7.5AI score0.02856EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder