Lucene search
+L

121 matches found

Prion
Prion
added 2015/02/11 7:59 p.m.16 views

Directory traversal

Directory traversal vulnerability in u5admin/deletefile.php in u5CMS before 3.9.4 allows remote attackers to write to arbitrary files via a 1 .. dot dot or 2 full pathname in the f parameter...

6.4CVSS7.3AI score0.07268EPSS
Exploits2References3Affected Software1
ArchLinux
ArchLinux
added 2015/02/09 12:0 a.m.42 views

pigz: arbitrary write to files

The package pigz before version 2.3.3-1 is vulnerable to multiple directory traversal vulnerabilities. That allows remote attackers to write to arbitrary files via a 1 full pathname or 2 .. dot dot in an archive...

5CVSS5.9AI score0.03029EPSS
Exploits1References1
NVD
NVD
added 2015/01/21 6:59 p.m.16 views

CVE-2015-1192

Absolute path traversal vulnerability in kgb 1.0b4 allows remote attackers to write to arbitrary files via a full pathname in a crafted archive...

5CVSS6.7AI score0.01505EPSS
Exploits1References4
NVD
NVD
added 2015/01/21 6:59 p.m.13 views

CVE-2015-1191

Multiple directory traversal vulnerabilities in pigz 2.3.1 allow remote attackers to write to arbitrary files via a 1 full pathname or 2 .. dot dot in an archive...

5CVSS6.8AI score0.03029EPSS
Exploits1References6
Prion
Prion
added 2015/01/21 6:59 p.m.13 views

Directory traversal

Multiple directory traversal vulnerabilities in pax 1:20140703 allow remote attackers to write to arbitrary files via a 1 full pathname or 2 .. dot dot in an archive...

5CVSS7.5AI score0.01552EPSS
Exploits1References2
Prion
Prion
added 2015/01/21 6:59 p.m.12 views

Directory traversal

Multiple directory traversal vulnerabilities in pigz 2.3.1 allow remote attackers to write to arbitrary files via a 1 full pathname or 2 .. dot dot in an archive...

5CVSS7.4AI score0.03029EPSS
Exploits1References6Affected Software1
Prion
Prion
added 2015/01/21 6:59 p.m.22 views

Design/Logic Flaw

The V2 API in OpenStack Image Registry and Delivery Service Glance before 2014.1.4 and 2014.2.x before 2014.2.2 allows remote authenticated users to read or delete arbitrary files via a full pathname in a filesystem: URL in the image location property. NOTE: this vulnerability exists because of a...

6.5CVSS6.5AI score0.0277EPSS
Exploits0References7Affected Software1
UbuntuCve
UbuntuCve
added 2015/01/21 6:59 p.m.23 views

CVE-2015-1193

Multiple directory traversal vulnerabilities in pax 1:20140703 allow remote attackers to write to arbitrary files via a 1 full pathname or 2 .. dot dot in an archive...

5CVSS6AI score0.01552EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2015/01/21 6:0 p.m.10 views

CVE-2015-1191

Multiple directory traversal vulnerabilities in pigz 2.3.1 allow remote attackers to write to arbitrary files via a 1 full pathname or 2 .. dot dot in an archive...

5CVSS6.6AI score0.03029EPSS
Exploits1
Cvelist
Cvelist
added 2015/01/21 6:0 p.m.20 views

CVE-2015-1193

Multiple directory traversal vulnerabilities in pax 1:20140703 allow remote attackers to write to arbitrary files via a 1 full pathname or 2 .. dot dot in an archive...

7AI score0.01552EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2015/01/21 6:0 p.m.34 views

CVE-2015-1193

Multiple directory traversal vulnerabilities in pax 1:20140703 allow remote attackers to write to arbitrary files via a 1 full pathname or 2 .. dot dot in an archive...

5CVSS6.7AI score0.01552EPSS
Exploits1
OSV
OSV
added 2015/01/07 7:59 p.m.13 views

CVE-2014-9493

The V2 API in OpenStack Image Registry and Delivery Service Glance before 2014.2.2 and 2014.1.4 allows remote authenticated users to read or delete arbitrary files via a full pathname in a file: URL in the image location property...

6AI score
Exploits0References8
Prion
Prion
added 2014/12/25 9:59 p.m.35 views

Path traversal

Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value...

7.5CVSS7.8AI score0.0372EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2014/10/21 3:55 p.m.9 views

CVE-2014-4577

Absolute path traversal vulnerability in reviews.php in the WP AmASIN - The Amazon Affiliate Shop plugin 0.9.6 and earlier for WordPress allows remote attackers to read arbitrary files via a full pathname in the url parameter...

5CVSS6.8AI score0.03749EPSS
Exploits1References2
NVD
NVD
added 2014/08/03 6:55 p.m.20 views

CVE-2013-5757

Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx...

4CVSS6.2AI score0.02754EPSS
Exploits6References1
Prion
Prion
added 2014/08/03 6:55 p.m.18 views

Path traversal

Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx...

4CVSS6.8AI score0.02754EPSS
Exploits6References1
CVE
CVE
added 2014/08/03 6:0 p.m.57 views

CVE-2013-5757

Yealink VoIP Phone SIP-T38G is affected by CVE-2013-5757 (absolute path traversal) via the cgiServer.exx command parameter (dumpConfigFile). The vulnerability allows remote authenticated users to read arbitrary files by supplying a full pathname, with corroborating references describing /etc/pass...

4CVSS6.4AI score0.02754EPSS
Exploits6References1Affected Software1
NVD
NVD
added 2014/07/29 2:55 p.m.14 views

CVE-2014-5115

Absolute path traversal vulnerability in DirPHP 1.0 allows remote attackers to read arbitrary files via a full pathname in the phpfile parameter to index.php...

5CVSS6.7AI score0.0626EPSS
Exploits1References2
Prion
Prion
added 2014/07/29 2:55 p.m.12 views

Path traversal

Absolute path traversal vulnerability in DirPHP 1.0 allows remote attackers to read arbitrary files via a full pathname in the phpfile parameter to index.php...

5CVSS7.1AI score0.0626EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2014/07/29 2:0 p.m.21 views

CVE-2014-5115

Absolute path traversal vulnerability in DirPHP 1.0 allows remote attackers to read arbitrary files via a full pathname in the phpfile parameter to index.php...

6.7AI score0.0626EPSS
Exploits1References2
Rows per page
Query Builder