GRR 4.0.0.0

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR...

EUVD-2018-0220

Malware in sbrugna...

SUSE CVE-2011-4940

The listdirectory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote attackers to conduct cross-site scripting XSS...

Exploit for Cross-site Scripting in F5 Big-Ip_Access_Policy_Manager

CVE-2020-5902 RCE /tmui/login.jsp/..;/tmui/locallb/workspac...

Directory traversal

Directory traversal in listfolders method in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to list directory contents via the "path" parameter...

CVE-2018-13322

Directory traversal in listfolders method in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to list directory contents via the "path" parameter...

python: potential XSS in SimpleHTTPServer's list_directory()

The listdirectory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote attackers to conduct cross-site scripting XSS...

OpenJDK allows to list files within the user home directory (6484091)

Unspecified vulnerability in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows untrusted applications and applets to list the contents of the operating user's directory via unknown vectors...

CVE-2008-1606

Multiple directory traversal vulnerabilities in Elastic Path EP 4.1 and 4.1.1 allow remote attackers to 1 download arbitrary files via a .. dot dot in the file parameter to manager/getImportFileRedirect.jsp, 2 upload arbitrary files via a ".." dot dot backslash in the file parameter to...

Directory traversal

Multiple directory traversal vulnerabilities in Elastic Path EP 4.1 and 4.1.1 allow remote attackers to 1 download arbitrary files via a .. dot dot in the file parameter to manager/getImportFileRedirect.jsp, 2 upload arbitrary files via a ".." dot dot backslash in the file parameter to...

CVE-2005-3293

Xerver 4.17 allows remote attackers to 1 obtain source code of scripts via a request with a trailing "." dot or 2 list directory contents via a trailing null character...