Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CNVD
CNVDadded 2021/01/29 12:0 a.m.6 views

Nxlog Code Issue Vulnerability

Nxlog is a U.S. Nxlog company can support a variety of operating systems for log collection, log centralization software. A security vulnerability exists in NXLog Community Edition version 2.10.2150, which originates in the fileop module of the NXLog service that allows remote attackers to cause ...

7.5CVSS6.8AI score0.19392EPSS
Exploits3References1
OSV
OSVadded 2021/01/05 3:15 p.m.1 views

CVE-2020-35488

The fileop module of the NXLog service in NXLog Community Edition 2.10.2150 allows remote attackers to cause a denial of service daemon crash via a crafted Syslog payload to the Syslog service. This attack requires a specific configuration. Also, the name of the directory created must use a Syslo...

7.5CVSS7.2AI score0.19392EPSS
Exploits3References2
Prion
Prionadded 2021/01/05 3:15 p.m.13 views

Directory traversal

The fileop module of the NXLog service in NXLog Community Edition 2.10.2150 allows remote attackers to cause a denial of service daemon crash via a crafted Syslog payload to the Syslog service. This attack requires a specific configuration. Also, the name of the directory created must use a Syslo...

4.3CVSS7.2AI score0.19392EPSS
Exploits3References2Affected Software1
CVE
CVEadded 2021/01/05 2:3 p.m.105 views

CVE-2020-35488

NXLog Community Edition 2.10.2150 is affected via the fileop module, where a crafted Syslog payload can cause a daemon crash (DoS) when the Syslog field is used to name a directory. Exploitation requires a specific configuration (CreateDir enabled and a Syslog-derived directory name), as shown by...

7.5CVSS7.2AI score0.19392EPSS
Exploits3References2Affected Software1
CNNVD
CNNVDadded 2021/01/05 12:0 a.m.2 views

Nxlog 代码问题漏洞

Nxlog is a U.S. Nxlog company can support a variety of operating systems for log collection, log centralization software. A security vulnerability exists in NXLog Community Edition version 2.10.2150, which originates in the fileop module of the NXLog service that allows remote attackers to cause ...

7.5CVSS7.2AI score0.19392EPSS
Exploits3References3
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.10 views

cPanel 11.x 'fileop' Parameter Multiple Cross Site Scripting Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
NVD
NVDadded 2010/04/27 3:30 p.m.12 views

CVE-2009-4823

Cross-site scripting XSS vulnerability in frontend/x3/files/fileop.html in cPanel 11.0 through 11.24.7 allows remote attackers to inject arbitrary web script or HTML via the fileop parameter...

4.3CVSS5.7AI score0.02356EPSS
Exploits1References6
seebug.org
seebug.orgadded 2009/12/23 12:0 a.m.14 views

cPanel fileop参数跨站脚本漏洞

BUGTRAQ ID: 37394 cPanel是基于Web的工具,用于自动化控制网站和服务器。 cPanel没有正确地过滤提交给frontend/x3/files/fileop.html的fileop参数便返回给了用户,远程攻击者可以通过提交恶意参数请求执行跨站脚本攻击,在用户浏览器会话中执行任意代码。 cPanel 11.x 厂商补丁: cPanel ------ 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.cpanel.net...

6.9AI score
Exploits0
Rows per page
Query Builder