Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2021-27298

Malware in sbrugna...

6.4CVSS6.5AI score0.00099EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2023/02/15 6:8 a.m.1 views

SUSE CVE-2008-1290

ViewVC before 1.0.5 includes "all-forbidden" files within search results that list CVS or Subversion SVN commits, which allows remote attackers to obtain sensitive information...

4.3CVSS6.9AI score0.00718EPSS
Exploits0References4
Prion
Prionadded 2021/09/27 1:15 p.m.14 views

Server side request forgery (ssrf)

A SSRF issue was discovered in Concrete CMS through 8.5.5. Users can access forbidden files on their local network. A user with permissions to upload files from external sites can upload a URL that redirects to an internal resource of any file type. The redirect is followed and loads the contents...

5.5CVSS6.2AI score0.00099EPSS
Exploits0References2Affected Software1
Hacker One
Hacker Oneadded 2019/11/14 12:9 p.m.6 views

Clario: Bypass front server restrictions and access to forbidden files and directories through X-Rewrite-Url/X-original-url header on account.mackeeper.com

Summary Normally a client can't access /admin directory because of front nginx server which returns 403. But we can use X-Rewrite-Url or X-original-url because back server processes these headers and front server doesn't. Steps to reproduce: This request shows normal behavior curl -i -s -k -X...

1.9AI score
Exploits0
Hacker One
Hacker Oneadded 2018/01/24 7:2 p.m.32 views

Node.js third-party modules: [serve] Directory listing and File access even when they have been set to be ignored.

Module: - Name: serve - Version: latest 6.4.9 - Link: https://www.npmjs.com/package/serve Description: The serve modules allows directory browsing and to serve static files through the browser. The config option ignore can be used to tell the module which file or directory are forbidden and shoul...

5CVSS5AI score0.00243EPSS
Exploits1
Cvelist
Cvelistadded 2008/03/24 5:0 p.m.16 views

CVE-2008-1290

ViewVC before 1.0.5 includes "all-forbidden" files within search results that list CVS or Subversion SVN commits, which allows remote attackers to obtain sensitive information...

6.2AI score0.00718EPSS
Exploits0References8
Tenable Nessus
Tenable Nessusadded 2008/03/21 12:0 a.m.28 views

GLSA-200803-29 : ViewVC: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200803-29 ViewVC: Multiple vulnerabilities Multiple unspecified errors were reportedly fixed by the ViewVC development team. Impact : A remote attacker could send a specially crafted URL to the server to list CVS or SVN commits on...

4.3CVSS5.6AI score0.00718EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2008/03/04 12:0 a.m.13 views

Fedora 7 : viewvc-1.0.5-1.fc7 (2008-2143)

These security issues have been fixed: - omit commits of all-forbidden files from query results - disallow direct URL navigation to hidden CVSROOT folder - strip forbidden paths from revision view - don't traverse log history thru forbidden locations - honor forbiddenness via diff view path...

5.5AI score
Exploits0References2
Rows per page
Query Builder