CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Directory Traversal Vulnerability in LiveConfig before v.2.5.2 allows a remote attacker to obtain sensitive information via a crafted request to the /static/ endpoint...

7.5CVSS6.3AI score0.00363EPSS

Exploits0References1

OSV•added 2024/02/02 9:15 a.m.•0 views

CVE-2024-22851

Directory Traversal Vulnerability in LiveConfig before v.2.5.2 allows a remote attacker to obtain sensitive information via a crafted request to the /static/ endpoint...

7.5CVSS5.8AI score0.00363EPSS

Exploits0References3

NVD•added 2024/02/02 9:15 a.m.•6 views

CVE-2024-22851

Directory Traversal Vulnerability in LiveConfig before v.2.5.2 allows a remote attacker to obtain sensitive information via a crafted request to the /static/ endpoint...

7.5CVSS7.2AI score0.00363EPSS

Exploits0References3

Prion•added 2024/02/02 9:15 a.m.•8 views

Directory traversal

Directory Traversal Vulnerability in LiveConfig before v.2.5.2 allows a remote attacker to obtain sensitive information via a crafted request to the /static/ endpoint...

5CVSS6.6AI score0.00363EPSS

Exploits0References2Affected Software1

CNNVD•added 2024/02/02 12:0 a.m.•1 views

LiveConfig Security Vulnerability

LiveConfig is a control panel software from the German company LiveConfig. It is used to simplify server configuration and ensure reliable and secure operation. A security vulnerability exists in versions of LiveConfig prior to v.2.5.2. A remote attacker could use this vulnerability to obtain...

7.5CVSS6.4AI score0.00363EPSS

Exploits0References2

Positive Technologies•added 2024/02/02 12:0 a.m.•2 views

PT-2024-19585 · Unknown · Liveconfig

Name of the Vulnerable Software and Affected Versions: LiveConfig versions prior to 2.5.2 Description: A Directory Traversal issue allows a remote attacker to obtain sensitive information via a crafted request to the "/static/" endpoint. This enables the attacker to access files or directories th...

7.5CVSS7.3AI score0.00363EPSS

Exploits0References8

Cvelist•added 2024/02/02 12:0 a.m.•12 views

CVE-2024-22851

Directory Traversal Vulnerability in LiveConfig before v.2.5.2 allows a remote attacker to obtain sensitive information via a crafted request to the /static/ endpoint...

7.3AI score0.00363EPSS

Exploits0References3

Vulnrichment•added 2024/02/02 12:0 a.m.•10 views

CVE-2024-22851

Directory Traversal Vulnerability in LiveConfig before v.2.5.2 allows a remote attacker to obtain sensitive information via a crafted request to the /static/ endpoint...

6.3AI score0.00363EPSS

Exploits0References3

CVE•added 2024/02/02 12:0 a.m.•39 views

CVE-2024-22851

CVE-2024-22851 affects LiveConfig prior to 2.5.2. The issue is a directory traversal in the /static/ endpoint that allows a remote attacker to disclose sensitive information. Affected component is the LiveConfig web interface; root cause is improper validation of path traversal in requests to /st...

7.5CVSS7.1AI score0.00363EPSS

Exploits0References3Affected Software1

OSV•added 2022/02/18 9:15 p.m.•0 views

CVE-2021-40841

A Path Traversal vulnerability for a log file in LiveConfig 2.12.2 allows authenticated attackers to read files on the underlying server...

6.5CVSS5.8AI score

Exploits0References2

NVD•added 2022/02/18 9:15 p.m.•14 views

CVE-2021-40840

A Stored XSS issue exists in the admin/users user administration form in LiveConfig 2.12.2...

5.4CVSS0.00302EPSS

Exploits0References2