Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

28 matches found

CVE
CVEadded 2015/08/13 2:0 p.m.109 views

CVE-2015-4666

CVE-2015-4666 affects Xceedium Xsuite 2.4.4.5 and earlier, exposing a directory-traversal flaw in the opm/read_sessionlog.php script. The vulnerability allows unauthenticated users to read arbitrary files via the logFile parameter using a quadruple dot and slash pattern (....//), potentially expo...

5CVSS9.1AI score0.16389EPSS
Exploits5References4Affected Software1
securityvulns
securityvulnsadded 2015/07/05 12:0 a.m.128 views

CollabNet Subversion Edge downloadHook local file inclusion

Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "filename" parameter of the "downloadHook" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type:...

1.2AI score
Exploits0
Prion
Prionadded 2014/06/18 2:55 p.m.11 views

Directory traversal

Directory traversal vulnerability in logs-x.php in WebTitan before 4.04 allows remote attackers to read arbitrary files via a .. dot dot in the logfile parameter in a download action...

5CVSS7.1AI score0.06377EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2009/08/18 10:0 p.m.46 views

CVE-2009-1873

Adobe JRun 4.x Management Console is affected by CVE-2009-1873: a directory traversal in logviewer.jsp that, when exploited by an authenticated remote attacker via the logfile parameter, allows reading arbitrary files on the server. Affected product is Adobe JRun Application Server 4 Updater 7. C...

4CVSS6.1AI score0.03693EPSS
Exploits5References5Affected Software1
NVD
NVDadded 2007/05/14 11:19 p.m.10 views

CVE-2007-2667

Buffer overflow in the DB Software Laboratory VImpX ActiveX control in VImpX.ocx 4.7.3 allows remote attackers to execute arbitrary code via a long LogFile parameter...

9.3CVSS7.7AI score0.20343EPSS
Exploits0References5
Prion
Prionadded 2007/05/14 11:19 p.m.12 views

Buffer overflow

Buffer overflow in the DB Software Laboratory VImpX ActiveX control in VImpX.ocx 4.7.3 allows remote attackers to execute arbitrary code via a long LogFile parameter...

9.3CVSS8.1AI score0.20343EPSS
Exploits0References5Affected Software1
NVD
NVDadded 2006/05/26 1:6 a.m.7 views

CVE-2006-2608

artmedic newsletter 4.1 and possibly other versions, when registerglobals is enabled, allows remote attackers to modify arbitrary files and execute arbitrary PHP code via the logfile parameter in a direct request to log.php, which causes the $logfile variable to be redefined to an...

5.1CVSS7.5AI score0.04655EPSS
Exploits1References6
Exploit DB
Exploit DBadded 2005/02/16 12:0 a.m.23 views

AWStats 5.x/6.x - 'Logfile' Remote Command Execution

source: https://www.securityfocus.com/bid/12572/info AWStats is reported prone to a remote arbitrary command-execution vulnerability. This issue occurs because the application fails to properly sanitize user-supplied data. Specifically, the user-specified 'logfile' URI parameter is supplied to th...

7.4AI score
Exploits0
Rows per page
Query Builder