CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2014-2314

Malware in sbrugna...

5CVSS6.2AI score0.00435EPSS

Exploits1References6

Cvelist•added 2025/07/20 2:44 a.m.•9 views

CVE-2025-7864 thinkgem JeeSite FileUploadController.java upload unrestricted upload

A vulnerability was found in thinkgem JeeSite up to 5.12.0. It has been classified as critical. This affects the function Upload of the file src/main/java/com/jeesite/modules/file/web/FileUploadController.java. The manipulation leads to unrestricted upload. It is possible to initiate the attack...

6.5CVSS0.00203EPSS

Exploits1References6

Packet Storm•added 2017/09/14 12:0 a.m.•44 views

EMC CMCNE 11.2.1 FileUploadController Remote Code Execution

require 'msf/core' class MetasploitModule 'EMC CMCNE FileUploadController Remote Code Execution', 'Description' = %q This module exploits a fileupload vulnerability found in EMC Connectrix Manager Converged Network Edition MSFLICENSE, 'Author' = 'james fitts' , 'References' = 'ZDI', '13-279' ,...

10CVSS0.64844EPSS

Exploits9

Exploit DB•added 2017/09/13 12:0 a.m.•47 views

EMC CMCNE Inmservlets.war FileUploadController 11.2.1 - Remote Code Execution (Metasploit)

require 'msf/core' class MetasploitModule 'EMC CMCNE Inmservlets.war FileUploadController Remote Code Execution', 'Description' = %q This module exploits a file upload vulnerability found in EMC Connectrix Manager Converged Network Edition 'james fitts' , 'License' = MSFLICENSE, 'References' =...

10CVSS7.4AI score0.64844EPSS

Exploits9

Exploit DB•added 2017/09/13 12:0 a.m.•39 views

EMC CMCNE 11.2.1 - FileUploadController Remote Code Execution (Metasploit)

10CVSS7.4AI score0.64844EPSS

Exploits9

Zero Day Initiative•added 2015/07/13 12:0 a.m.•23 views

Samsung SyncThru FileUploadController Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung SyncThru. By default, authentication is not required to exploit this vulnerability. The specific flaw exists within the FileUploadController servlet exposed by fileupload.html. The issue li...

10CVSS9.5AI score0.46933EPSS

Exploits0

Zero Day Initiative•added 2015/07/13 12:0 a.m.•68 views

Samsung SyncThru FileUploadController Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung SyncThru. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FileUploadController servlet exposed by uploadCloning.html. The issue lies in the...

10CVSS9.4AI score0.46933EPSS

Exploits0

Zero Day Initiative•added 2015/07/13 12:0 a.m.•24 views

Samsung SyncThru FileUploadController Directory Traversal Remote Code Execution Vulnerability

10CVSS9.5AI score0.46933EPSS

Exploits0

Zero Day Initiative•added 2014/04/08 12:0 a.m.•19 views

EMC Connectrix Manager Converged Network Edition inmservlets.war FileUploadController Servlet Information Disclosure Vulnerability

This vulnerability allows remote attackers to read arbitrary files on vulnerable installations of EMC Connectrix Manager Converged Network Edition. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FileUploadController servlet which is part of...

5CVSS6.1AI score0.00435EPSS

Exploits1References1

Check Point Advisories•added 2014/04/02 12:0 a.m.•3 views

EMC CMCNE FileUploadController Information Disclosure (CVE-2014-2276)

An information disclosure vulnerability has been reported in EMC Connectrix Manager Converged Network Edition. The vulnerability is due to insufficient input validation in the FileUploadController servlet when processing certain HTTP requests. A remote unauthenticated attacker can exploit this...

5CVSS6AI score0.00435EPSS

Exploits1

securityvulns•added 2014/03/24 12:0 a.m.•49 views

ESA-2014-018: EMC Connectrix Manager Converged Network Edition Information Disclosure Vulnerability

ESA-2014-018.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-018: EMC Connectrix Manager Converged Network Edition Information Disclosure Vulnerability EMC Identifier: ESA-2014-018 CVE Identifier: CVE-2014-2276 Severity Rating: CVSS v2 Base Score: CVSS: 5 AV:N/AC:L/Au:N/C:P/I:N/A:N...

5CVSS0.8AI score0.00435EPSS

Exploits1

NVD•added 2014/03/21 2:55 p.m.•9 views

CVE-2014-2276

The FileUploadController servlet in EMC Connectrix Manager Converged Network Edition CMCNE before 12.1.5 does not properly restrict additions to the Connectrix Manager repository, which allows remote attackers to obtain sensitive information by importing a crafted firmware file...

5CVSS6AI score0.00435EPSS

Exploits1References5

Prion•added 2014/03/21 2:55 p.m.•15 views

Design/Logic Flaw

5CVSS6.6AI score0.00435EPSS

Exploits1References5Affected Software1

Cvelist•added 2014/03/21 2:0 p.m.•16 views

CVE-2014-2276

6AI score0.00435EPSS

Exploits1References5

CVE•added 2014/03/21 2:0 p.m.•42 views

CVE-2014-2276

EMC Connectrix Manager Converged Network Edition (CMCNE) affected before 12.1.5. The FileUploadController servlet fails input validation, enabling an unauthenticated remote attacker to disclose arbitrary files by importing a crafted firmware file (information disclosure). Some sources describe un...

5CVSS6.2AI score0.00435EPSS

Exploits1References5Affected Software1

seebug.org•added 2014/03/21 12:0 a.m.•18 views

EMC Connectrix Manager Converged Network Edition 远程信息泄露漏洞

BUGTRAQ ID: 66308 CVE ID: CVE-2014-2276 EMC Connectrix Manager是Connectrix服务器的管理接口，可以集中管理多个交换机等产品。 EMC Connectrix Manager Converged Network Edition 12.1.2及其他版本的FileUploadController在实现上存在任意文件信息泄露漏洞，FileUploadController服务程序用于导入固件文件到Connectrix Manager库，成功利用后可使攻击者获取敏感信息。 0 EMC Connectrix Manager...

5CVSS6.4AI score0.00435EPSS

Exploits1

Zero Day Initiative•added 2013/12/18 12:0 a.m.•63 views

EMC Connectrix Manager Converged Network Edition FileUploadController Servlet Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Connectrix Manager Converged Network Edition. Authentication is not required to exploit this vulnerability. The specific flaw exists within the 'FileUploadController' servlet, which allows an...

10CVSS7.1AI score0.64844EPSS

Exploits9References1

Zero Day Initiative•added 2013/12/18 12:0 a.m.•18 views

EMC Connectrix Manager Converged Network Edition inmservlets.war FileUploadController Servlet Remote Code Execution Vulnerability

10CVSS7AI score0.64844EPSS

Exploits9References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by