102 matches found
CVE-2017-18436
cPanel before 64.0.21 allows demo accounts to read files via a Fileman::getfileactions API2 call SEC-239...
Code injection
cPanel before 64.0.21 allows demo accounts to read files via a Fileman::getfileactions API2 call SEC-239...
CVE-2017-18436
cPanel before 64.0.21 allows demo accounts to read files via a Fileman::getfileactions API2 call SEC-239...
CVE-2018-20879
cPanel before 74.0.8 allows demo accounts to execute arbitrary code via the Fileman::viewfile API SEC-444...
CVE-2018-20879
cPanel before 74.0.8 allows demo accounts to execute arbitrary code via the Fileman::viewfile API SEC-444...
Code injection
cPanel before 74.0.8 allows demo accounts to execute arbitrary code via the Fileman::viewfile API SEC-444...
CVE-2018-20879
Summary: CVE-2018-20879 affects cPanel prior to 74.0.8, where demo accounts could execute arbitrary code via the Fileman::viewfile API (SEC-444). The public records indicate an unknown root cause in Fileman::viewfile that enables code execution. The NVD/CVE entries provide a CVSSv3 base score of ...
CVE-2018-20879
cPanel before 74.0.8 allows demo accounts to execute arbitrary code via the Fileman::viewfile API SEC-444...
CVE-2019-12905
FileRun 2019.05.21 allows XSS via the filename to the ?module=fileman§ion=do&page=up URI. This issue has been fixed in FileRun 2019.06.01...
DoorGets Sensitive Information Disclosure Vulnerability (CNVD-2019-13792)
DoorGets is a free and open source content management system. A sensitive information disclosure vulnerability exists in /fileman/php/downloaddir.php in doorGets 7.0. A remote, unauthenticated attacker can exploit this vulnerability to obtain sensitive information about the server...
DoorGets Sensitive Information Disclosure Vulnerability (CNVD-2019-13788)
DoorGets is a free and open source content management system. A sensitive information disclosure vulnerability exists in /fileman/php/copyfile.php in doorGets 7.0. A remote, unauthenticated attacker can exploit this vulnerability to obtain sensitive information about the server...
CVE-2019-11611
doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/download.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information...
CVE-2019-11607
doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copydir.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information...
Information disclosure
doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copyfile.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information...
Information disclosure
doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/downloaddir.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information...
CVE-2019-11611
DoorGets 7.0 is affected by a sensitive information disclosure in /fileman/php/download.php. A remote unauthenticated attacker can exploit this to obtain server‑sensitive information. The connected records corroborate the issue but do not provide the root cause details, affected versions beyond 7...
CVE-2019-11610
doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/downloaddir.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information...
CVE-2019-11610
DoorGets 7.0 contains a sensitive information disclosure vulnerability in /fileman/php/downloaddir.php. A remote unauthenticated attacker can exploit this to obtain server‑sensitive information. The Red Hat, CNVD, CNVD‑style entries and other references in the connected documents corroborate the ...
CVE-2019-11609
The CVE-2019-11609 entry concerns doorGets 7.0, where a vulnerability in /fileman/php/movefile.php allows a remote unauthenticated attacker to disclose server‑level sensitive information or render the server unserviceable. The Red Hat and CNVD/CVE mirrors corroborate the same description. Technic...
CVE-2019-11607
CVE-2019-11607 affects doorGets 7.0. The vulnerability is in /fileman/php/copydir.php and allows a remote unauthenticated attacker to obtain server-sensitive information (information disclosure). Descriptions across sources confirm the issue is tied to doorGets 7.0 and the copydir functionality. ...