VulnCheck KEV: CVE-2020-19363

Vtiger CRM v7.2.0 allows an attacker to display hidden files, list directories by using /libraries and /layout directories...

CVE-2023-28465

The package-decompression feature in HL7 Health Level 7 FHIR Core Libraries before 5.6.106 allows attackers to copy arbitrary files to certain directories via directory traversal, if an allowed directory name is a substring of the directory name chosen by the attacker. NOTE: this issue exists...

GHSA-C5R9-RX53-Q3GF Agent-to-controller access control allowed writing to sensitive directory used by Jenkins Pipeline: Shared Groovy Libraries Plugin

Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not limit agent read/write access to the libs/ directory inside build directories when using the FilePath APIs. This directory is used by the Pipeline: Shared Groovy Libraries Plugin to store copies of shared libraries. This allows attackers...

jenkins: Agent-to-controller access control allowed writing to sensitive directory used by Pipeline: Shared Groovy Libraries Plugin

An incorrect permissions validation vulnerability was found in Jenkins. An agent process read/write access to the libs/ directory inside build directories when using the FilePath APIs is not limited. This allows attackers in control of agent processes to replace the code of a trusted library with...

DEBIAN-CVE-2006-5117

phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via direct requests for certain files...

CVE-2006-5117

phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via direct requests for certain files...

CVE-2005-3665

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.7.0 allow remote attackers to inject arbitrary web script or HTML via the 1 HTTPHOST variable and 2 various scripts in the libraries directory that handle header generation...

CVE-2005-3665

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.7.0 allow remote attackers to inject arbitrary web script or HTML via the 1 HTTPHOST variable and 2 various scripts in the libraries directory that handle header generation...

CVE-2005-3665

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.7.0 allow remote attackers to inject arbitrary web script or HTML via the 1 HTTPHOST variable and 2 various scripts in the libraries directory that handle header generation...

XSS vulnerabilities

PMASA-2005-8 Announcement-ID: PMASA-2005-8 Date: 2005-12-05 Summary XSS vulnerabilities Description It was possible to conduct an XSS attack via the HTTPHOST variable; also, some scripts in the libraries directory that handle header generation were vulnerable to XSS. Severity We consider these...

phpmyadmin -- XSS vulnerabilities

A phpMyAdmin security advisory reports: It was possible to conduct an XSS attack via the HTTPHOST variable; also, some scripts in the libraries directory that handle header generation were vulnerable to XSS...

CVE-2005-3622

phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain the full path of the server via direct requests to multiple scripts in the libraries directory...

CVE-2005-3622

phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain the full path of the server via direct requests to multiple scripts in the libraries directory...