Dell Repository Manager Path Traversal (DSA-2024-190)

Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in logger module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem with the privileges of th...

CVE-2024-28977

Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in logger module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem with the privileges of th...

CVE-2024-28977

Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in logger module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem with the privileges of th...

Dell Repository Manager 输入验证错误漏洞

Dell Repository Manager is a suite of Dell USA's Dell Repository Manager ensures that Dell PowerEdge servers have the latest BIOS, drivers, firmware, and software. A directory traversal vulnerability exists in the Dell Repository Manager logger module, which can be exploited by a local attacker t...

PT-2024-5170 · Dell · Dell Repository Manager

Name of the Vulnerable Software and Affected Versions: Dell Repository Manager versions 3.4.2 through 3.4.4 Description: The issue is related to a Path Traversal vulnerability in the logger module of Dell Repository Manager. This vulnerability can be exploited by a local attacker with low...

Cross-Site Scripting (XSS)

pimcore/pimcore is vulnerable to Cross-Site Scripting XSS. The vulnerability exists due to the getTabPanel function in admin.js caused by the From and To fields when searching in the Application Logger module which allows an attacker to inject and execute arbitrary JavaScript...

Design/Logic Flaw

Improper neutralization of argument delimiters in a command 'Argument Injection' vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Modul...

CVE-2020-5657

Improper neutralization of argument delimiters in a command 'Argument Injection' vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Modul...

antSword

This is a comprehensive analysis of the provided code and metadata from the AntSword repository. Classification: Exploit module/toolkit targeting web applications Primary CVE ID: Not specified Target product/service or framework: Web applications Vulnerability class/vector: Not specified Probable...