Lucene search
K

4 matches found

NVD
NVD
added 2016/04/22 10:59 a.m.25 views

CVE-2016-1594

Micro Focus Novell Service Desk before 7.2 allows remote authenticated users to read arbitrary attachments via a request to a LiveTime.woa URL, as demonstrated by obtaining sensitive information via a 1 downloadLogFiles or 2 downloadFile action...

6.5CVSS6.1AI score0.06902EPSS
Exploits3References5
Prion
Prion
added 2016/04/22 10:59 a.m.21 views

Directory traversal

Directory traversal vulnerability in the import users feature in Micro Focus Novell Service Desk before 7.2 allows remote authenticated administrators to upload and execute arbitrary JSP files via a .. dot dot in a filename within a multipart/form-data POST request to a LiveTime.woa URL...

6.5CVSS7.2AI score0.64142EPSS
Exploits7References8Affected Software1
Cvelist
Cvelist
added 2016/04/22 10:0 a.m.29 views

CVE-2016-1593

Directory traversal vulnerability in the import users feature in Micro Focus Novell Service Desk before 7.2 allows remote authenticated administrators to upload and execute arbitrary JSP files via a .. dot dot in a filename within a multipart/form-data POST request to a LiveTime.woa URL...

7AI score0.64142EPSS
Exploits7References8
Cvelist
Cvelist
added 2016/04/22 10:0 a.m.33 views

CVE-2016-1594

Micro Focus Novell Service Desk before 7.2 allows remote authenticated users to read arbitrary attachments via a request to a LiveTime.woa URL, as demonstrated by obtaining sensitive information via a 1 downloadLogFiles or 2 downloadFile action...

6.2AI score0.06902EPSS
Exploits3References5
Rows per page
Query Builder