26 matches found

ATTACKERKB
added 2022/05/05 5:15 p.m., 3 views

CVE-2022-28533

Sourcecodester Medical Hub Directory Site 1.0 is vulnerable to SQL Injection via /mhds/clinic/viewdetails.php...

CVSS 9.8 | AI score 7.3 | EPSS 0.0149
Exploits: 1 | References: 2
Debian CVE
added 2022/03/07 5:26 p.m., 74 views

CVE-2022-26488

In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabl...

CVSS 7 | AI score 6.4 | EPSS 0.01365
Exploits: 0
UbuntuCve
added 2018/08/13 5:29 p.m., 33 views

CVE-2017-7500

It was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being placed in an arbitrary destination. An attacker, with write access to a directory ...

CVSS 7.8 | AI score 6.9 | EPSS 0.00415
Exploits: 0 | References: 2
OSV
added 2015/02/09 9:44 p.m., 6 views

MGASA-2015-0057 Updated moodle packages fix CVE-2015-1493

Updated moodle package fixes security vulnerability: In Moodle before 2.6.8, parameter "file" passed to scripts serving JS was not always cleaned from including "../" in the path, allowing to read files located outside of moodle directory. All OS's are affected, but especially vulnerable are...

CVSS 6.8 | AI score 6.2 | EPSS 0.02638
Exploits: 0 | References: 6
RedHat Linux
added 2013/01/08 4:31 a.m., 4 views

ruby: unintentional file creation caused by inserting an illegal NUL character

The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path...

CVSS 5 | AI score 7.2 | EPSS 0.02204
Exploits: 1 | References: 4
myhack58
added 2009/12/06 12:0 a.m., 38 views

Clever use of voyagers to find out the fckeditor upload secure path-vulnerability warning-the black bar safety net

Recently a friend asked me to use the Fckeditor upload vulnerability and combined 2003 the server parses the vulnerability to get the site webshell time is always not found after upload the path to the file, what should I do? Believe this problem should be a lot of friends encountered. First w...

AI score 7.5
Exploits: 0