Lucene search
K

126 matches found

NVD
NVD
added 2016/01/30 3:59 p.m.14 views

CVE-2016-0867

CAREL PlantVisorEnhanced allows remote attackers to bypass intended access restrictions via a direct file request...

7.8CVSS7.5AI score0.02196EPSS
Exploits0References1
Prion
Prion
added 2016/01/30 3:59 p.m.11 views

Server side request forgery (ssrf)

CAREL PlantVisorEnhanced allows remote attackers to bypass intended access restrictions via a direct file request...

7.8CVSS7.2AI score0.02196EPSS
Exploits0References1
Cvelist
Cvelist
added 2016/01/30 3:0 p.m.18 views

CVE-2016-0867

CAREL PlantVisorEnhanced allows remote attackers to bypass intended access restrictions via a direct file request...

7.5AI score0.02196EPSS
Exploits0References1
NVD
NVD
added 2016/01/26 7:59 p.m.20 views

CVE-2016-1490

The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows allows remote attackers to obtain sensitive file names via a crafted file request to /list...

4.1CVSS4.2AI score0.01724EPSS
Exploits1References5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

XLight FTP Server 1.52 Remote Send File Request Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9668/info A remote denial of service vulnerability has been reported to exist in the Send File Request functionality of the XLight FTP server. Due to this issue a remote attacker may be able cause the affected server to...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

SHOUTcast <= 1.9.4 File Request Format String Exploit (Leaked)

No description provided by source. / Shoutcast = 1.9.4 exploit by crash-x Trys to upload the shellcode to a fixed address and execute it. This exploit was not written bei Simon 'Zodiac' Moser segfault.ch. / include stdio.h include stdlib.h include stdarg.h include string.h include sys/types.h...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2014/04/07 12:0 a.m.51 views

CA Erwin Web Portal directory traversal

File request is not checked...

7.5CVSS3.5AI score0.05289EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2013/07/18 12:51 p.m.20 views

CVE-2013-3426

The Serviceability servlet on Cisco 9900 IP phones does not properly restrict paths, which allows remote attackers to read arbitrary files by specifying a pathname in a file request, aka Bug ID CSCuh52810...

5CVSS6.6AI score0.01187EPSS
Exploits0References1
Prion
Prion
added 2013/07/18 12:51 p.m.18 views

Cross site request forgery (csrf)

The Serviceability servlet on Cisco 9900 IP phones does not properly restrict paths, which allows remote attackers to read arbitrary files by specifying a pathname in a file request, aka Bug ID CSCuh52810...

5CVSS7.2AI score0.01187EPSS
Exploits0References1
exploitpack
exploitpack
added 2012/02/08 12:0 a.m.29 views

Cyberoam Central Console 2.00.2 - Remote File Inclusion

Cyberoam Central Console 2.00.2 - Remote File Inclusion Title: ====== Cyberoam Central Console v2.00.2 - File Include Vulnerability Date: ===== 2012-02-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=405 VL-ID: ===== 405 Introduction: ============= Cyberoam Central...

7.5AI score
Exploits0
Cvelist
Cvelist
added 2011/09/24 12:0 a.m.23 views

CVE-2011-3808

The Bug Genie 2.1.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/svnintegration/config.inc.php and certain other files...

6.1AI score0.01229EPSS
Exploits0References3
Cvelist
Cvelist
added 2011/09/23 11:0 p.m.18 views

CVE-2011-3706

ATutor 2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by users/toolsettings.inc.php and certain other files...

6.1AI score0.01335EPSS
Exploits1References3
securityvulns
securityvulns
added 2010/02/25 12:0 a.m.31 views

Novell NetStorage buffer overflow

Heap buffer overflow on file request processing...

2.6AI score
Exploits0References1
Prion
Prion
added 2008/01/25 1:0 a.m.39 views

Code injection

curl/interface.c in the cURL library aka libcurl in PHP 5.2.4 and 5.2.5 allows context-dependent attackers to bypass safemode and openbasedir restrictions and read arbitrary files via a file:// request containing a \x00 sequence, a different vulnerability than CVE-2006-2563...

5CVSS6.3AI score0.05575EPSS
Exploits2References28Affected Software1
UbuntuCve
UbuntuCve
added 2008/01/24 12:0 a.m.27 views

CVE-2007-4850

curl/interface.c in the cURL library aka libcurl in PHP 5.2.4 and 5.2.5 allows context-dependent attackers to bypass safemode and openbasedir restrictions and read arbitrary files via a file:// request containing a \x00 sequence, a different vulnerability than CVE-2006-2563...

5CVSS6AI score0.05575EPSS
Exploits2References3
seebug.org
seebug.org
added 2007/12/22 12:0 a.m.45 views

Adobe Flash Player ActionScript SecurityErrorEvent绕过安全限制漏洞

BUGTRAQ ID: 25260 CVECAN ID: CVE-2007-4324 Flash Player是一款非常流行的FLASH播放器。 Flash Player中的ActionScript 3(AS3)允许远程攻击者通过指定了连接的SWF电影绕过安全沙盒模型获得敏感信息并端口扫描任意主机,然后使用SecurityErrorEvent错误的定时差异判断端口是否开放。 AS3 Adobe引入了新的套接字相关事件SecurityErrorEvent。当Flash Player试图连接到关闭的TCP端口时会立即出现SecurityErrorEvent,如果服务在监听该端口Flash...

5CVSS0.1AI score0.07933EPSS
Exploits1
Cvelist
Cvelist
added 2007/10/19 10:0 a.m.20 views

CVE-2003-1394

CoffeeCup Software Password Wizard 4.0 stores sensitive information such as usernames and passwords in a .apw file under the web document root with insufficient access control, which allows remote attackers to obtain that information via a direct request for the file...

6.2AI score0.01324EPSS
Exploits1References4
securityvulns
securityvulns
added 2007/08/10 12:0 a.m.73 views

Design flaw in AS3 socket handling allows port probing

Design flaw in AS3 socket handling allows port probing Summary Due to a design flaw in ActionScript 3 socket handling, compiled Flash movies are able to scan for open TCP ports on any host reachable from the host running the SWF, bypassing the Flash Player Security Sandbox Model and without the...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2007/03/18 12:0 a.m.38 views

Adobe JRun / ColdFusion DoS

Denial of service under IIS Server on file request to JRun root folder...

4.3CVSS2.5AI score0.25617EPSS
Exploits0Affected Software2
Prion
Prion
added 2007/03/16 8:19 p.m.16 views

Design/Logic Flaw

Unspecified vulnerability in the IIS connector in Adobe JRun 4.0 Updater 6, and ColdFusion MX 6.1 and 7.0 Enterprise, when using Microsoft IIS 6, allows remote attackers to cause a denial of service via unspecified vectors, involving the request of a file in the JRun web root...

4.3CVSS7.1AI score0.25617EPSS
Exploits0References7Affected Software2
Rows per page
Query Builder