CVE-2021-4471 TG8 Firewall Unauthenticated User Password Disclosure

TG8 Firewall exposes a directory such as /data/ over HTTP without authentication. This directory stores credential files for previously logged-in users. A remote unauthenticated attacker can enumerate and download files within the directory to obtain valid account usernames and passwords, leading...

Google Golang 路径遍历漏洞

Google Golang is a static, strongly typed, compiled language from Google.The syntax of Go is close to C, but with differences in variable declarations.Go supports garbage collection.Go's parallel model is based on Tony Hall's Communicating Sequential Processes CSP, and other languages with a...

Generic HTTP Directory Traversal / File Inclusion (Web Application URL Parameter) - Active Check

Generic check for HTTP directory traversal / file inclusion vulnerabilities within URL parameters of the remote web application. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVE-2017-10974

Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Directory Traversal with /%5C../ to port 8080. NOTE: this CVE is only about use of an initial /%5C sequence to defeat traversal protection mechanisms; the initial /%5C sequence was apparently not discussed in earlier research on thi...

CVE-2017-10974

Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Directory Traversal with /%5C../ to port 8080. NOTE: this CVE is only about use of an initial /%5C sequence to defeat traversal protection mechanisms; the initial /%5C sequence was apparently not discussed in earlier research on thi...

CVE-2017-10974

Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Directory Traversal with /%5C../ to port 8080. NOTE: this CVE is only about use of an initial /%5C sequence to defeat traversal protection mechanisms; the initial /%5C sequence was apparently not discussed in earlier research on thi...

Mandrake 6.1/7.0/7.1 /perl http Directory Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1678/info The default configuration files for versions of modperl shipped with Mandrake Linux 6.1 through 7.1 contain a misconfiguration that can be a security concern in some situations. The /perl directory is part of th...

Generic HTTP Directory Traversal Utility

This module allows you to test if a web server or web application is vulnerable to directory traversal with three different actions. The 'CHECK' action default is used to automatically or manually find if directory traversal exists in the web server, and then return the path that triggers the...

Mandrake 6.17.07.1 - perl HTTP Directory Disclosure

Mandrake 6.17.07.1 - perl HTTP Directory Disclosure source: https://www.securityfocus.com/bid/1678/info The default configuration files for versions of modperl shipped with Mandrake Linux 6.1 through 7.1 contain a misconfiguration that can be a security concern in some situations. The /perl...

Mandrake 6.1/7.0/7.1 - '/perl' HTTP Directory Disclosure

source: https://www.securityfocus.com/bid/1678/info The default configuration files for versions of modperl shipped with Mandrake Linux 6.1 through 7.1 contain a misconfiguration that can be a security concern in some situations. The /perl directory is part of the webserver's root tree the...