Lucene search
K

12 matches found

BDU FSTEC
BDU FSTEC
added 2025/06/10 12:0 a.m.7 views

The vulnerability of the get_file_from_qtn() function in the router_command.sh script of the Quantenna Wi-Fi chip’s software allows a hacker to execute arbitrary commands.

The vulnerability of the getfilefromqtn function in the routercommand.sh script of the Quantenna Wi-Fi chip’s microprogramming system is related to the implementation or modification of arguments. Exploiting this vulnerability could allow a perpetrator to execute arbitrary commands...

7.7CVSS5.8AI score0.00626EPSS
Exploits0References3Affected Software7
RedhatCVE
RedhatCVE
added 2025/05/21 8:25 p.m.7 views

CVE-2002-1855

Macromedia JRun 3.0 through 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot "WEB-INF."...

5CVSS7AI score0.02178EPSS
Exploits0References1
NVD
NVD
added 2025/02/18 1:15 a.m.14 views

CVE-2025-25224

The LuxCal Web Calendar prior to 5.3.3M MySQL version and prior to 5.3.3L SQLite version contains a missing authentication vulnerability in dloader.php. If this vulnerability is exploited, arbitrary files on a server may be obtained...

7.5CVSS0.00533EPSS
Exploits0References3
Prion
Prion
added 2011/08/25 2:22 p.m.14 views

Arbitrary file deletion

RSA enVision 3.x and 4.x before 4 SP4 P3 allows remote attackers to read arbitrary files via unspecified vectors, related to an "arbitrary file retrieval vulnerability."...

5CVSS7.3AI score0.01229EPSS
Exploits0References3Affected Software1
exploitpack
exploitpack
added 2007/01/18 12:0 a.m.21 views

ArsDigita Community System 3.4.x - Directory Traversal

ArsDigita Community System 3.4.x - Directory Traversal source: https://www.securityfocus.com/bid/22121/info ArsDigita Community System is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2003/02/28 12:0 a.m.24 views

Apple QuickTimeDarwin Streaming Server 4.1.x - parse_xml.cgi File Disclosure

Apple QuickTimeDarwin Streaming Server 4.1.x - parsexml.cgi File Disclosure source: https://www.securityfocus.com/bid/6990/info A file retrieval vulnerability has been reported for QuickTime/Darwin Streaming Server. The vulnerability exists due to insufficient sanitization of some parameters give...

7.3AI score
Exploits0
Exploit DB
Exploit DB
added 2003/02/28 12:0 a.m.29 views

Apple QuickTime/Darwin Streaming Server 4.1.x - 'parse_xml.cgi' File Disclosure

source: https://www.securityfocus.com/bid/6990/info A file retrieval vulnerability has been reported for QuickTime/Darwin Streaming Server. The vulnerability exists due to insufficient sanitization of some parameters given to the parsexml.cgi script. Information obtained in this manner may be use...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2002/03/27 12:0 a.m.31 views

MS02-009: IE VBScript Handling patch (318089)

The remote host is running a version of Internet Explorer that may allow an attacker to read local files on the remote host. To exploit this flaw, an attacker would need to lure a victim on the remote system into visiting a rogue website. C Tenable Network Security, Inc. include"compat.inc"; if...

5CVSS5.6AI score0.18223EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2001/08/31 12:0 a.m.27 views

SIX-webboard 2.01 - File Retrieval

source: https://www.securityfocus.com/bid/3175/info SIX-webboard 2.01 does not filter ".." and "/" from user input, allowing users to enter arbitrary values in order to view or retrieve files not normally accessible to them from the remote host...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/08/03 12:0 a.m.28 views

Roxen security alert: URL decoding vulnerable

Roxen Webserver 2.0 up to version 2.0.92 and 2.1 up to version 2.1.264 has a vulnerability that allows any user to retrieve any file from the host with the privileges of the web server. Having the CGI-module enabled escalates the problem by making it possible to run any executable. Description In...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2000/08/02 12:0 a.m.20 views

Luca Deri ntop 1.2 a7-9 - Unauthorized File Retrieval

Luca Deri ntop 1.2 a7-9 - Unauthorized File Retrieval source: https://www.securityfocus.com/bid/1550/info ntop is a tool that shows the network usage, similar to what the popular top Unix command does. Starting ntop in web mode with the -w parameter starts ntop with it's own built in HTTP server,...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2000/04/12 12:0 a.m.32 views

AVM KEN! 1.3.10/1.4.30 - Remote Denial of Service

source: https://www.securityfocus.com/bid/1103/info A remote user on the local network is capable of retrieving any known file from a machine running AVM KEN!. This is accomplished by appending ../ to a URL utilizing port 3128 to escape the regular web file structure, and appending the remaining...

7AI score
Exploits0
Rows per page
Query Builder