Lucene search
K

7 matches found

Packet Storm
Packet Storm
added 2018/09/14 12:0 a.m.55 views

Apache Portals Pluto 3.0.0 Remote Code Execution

Exploit Title: Apache Portals Pluto 3.0.0 - Remote Code Execution Date: 2018-09-12 Exploit Author: Che-Chun Kuo Vendor Homepage: https://portals.apache.org/pluto/ Software Link: http://archive.apache.org/dist/portals/pluto/ Version: 3.0.0 Tested on: Windows Advisory:...

5CVSS7.5AI score0.43895EPSS
Exploits5
exploitpack
exploitpack
added 2018/09/13 12:0 a.m.27 views

Apache Portals Pluto 3.0.0 - Remote Code Execution

Apache Portals Pluto 3.0.0 - Remote Code Execution Exploit Title: Apache Portals Pluto 3.0.0 - Remote Code Execution Date: 2018-09-12 Exploit Author: Che-Chun Kuo Vendor Homepage: https://portals.apache.org/pluto/ Software Link: http://archive.apache.org/dist/portals/pluto/ Version: 3.0.0 Tested...

5CVSS7.8AI score0.43895EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/09/13 12:0 a.m.36 views

Apache Portals Pluto 3.0.0 - Remote Code Execution

Exploit Title: Apache Portals Pluto 3.0.0 - Remote Code Execution Date: 2018-09-12 Exploit Author: Che-Chun Kuo Vendor Homepage: https://portals.apache.org/pluto/ Software Link: http://archive.apache.org/dist/portals/pluto/ Version: 3.0.0 Tested on: Windows Advisory:...

7.5CVSS7.5AI score0.43895EPSS
Exploits5
NVD
NVD
added 2018/06/27 6:29 p.m.25 views

CVE-2018-1306

The PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pluto version 3.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to restrict path information provided during a file upload. An attacker could exploit this vulnerability to obtain...

7.5CVSS7.4AI score0.43895EPSS
Exploits5References2
Prion
Prion
added 2018/06/27 6:29 p.m.17 views

Design/Logic Flaw

The PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pluto version 3.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to restrict path information provided during a file upload. An attacker could exploit this vulnerability to obtain...

5CVSS7.3AI score0.43895EPSS
Exploits5References2Affected Software1
Cvelist
Cvelist
added 2018/06/27 6:0 p.m.26 views

CVE-2018-1306

The PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pluto version 3.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to restrict path information provided during a file upload. An attacker could exploit this vulnerability to obtain...

7.4AI score0.43895EPSS
Exploits5References2
CVE
CVE
added 2018/06/27 6:0 p.m.103 views

CVE-2018-1306

Apache Pluto (Portals Pluto) 3.0.0, specifically the PortletV3AnnotatedDemo Multipart Portlet WAR, is affected. The root cause is failure to restrict path information during file uploads, leading to information disclosure of configuration data and other sensitive files. The CVE-2018-1306 entry in...

7.5CVSS7.3AI score0.43895EPSS
Exploits5References2Affected Software1
Rows per page
Query Builder