Lucene search
K

5 matches found

CVE
CVE
added 2024/10/21 4:12 p.m.51 views

CVE-2024-49366

Nginx UI (versions up to 2.0.0-beta.35) is affected by a directory-traversal vulnerability where the UI reads a value from a JSON field without verification, enabling payloads like ../../ to write arbitrary files on the server and potentially cause permission loss. A fix is available: upgrade to ...

8.7CVSS7.5AI score0.00579EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/21 4:12 p.m.21 views

CVE-2024-49366 Nginx UI's json field can construct a directory traversal payload, causing arbitrary files to be written

Nginx UI is a web user interface for the Nginx web server. Nginx UI v2.0.0-beta.35 and earlier gets the value from the json field without verification, and can construct a value value in the form of ../../. Arbitrary files can be written to the server, which may result in loss of permissions...

8.7CVSS6.5AI score0.00579EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/12/28 7:15 a.m.4 views

CVE-2023-50038

There is an arbitrary file upload vulnerability in the background of textpattern cms v4.8.8, which leads to the loss of server permissions...

8.8CVSS7.3AI score0.00811EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/12/28 12:0 a.m.14 views

CVE-2023-50038

There is an arbitrary file upload vulnerability in the background of textpattern cms v4.8.8, which leads to the loss of server permissions...

7AI score0.00811EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2021/08/30 12:0 a.m.8 views

PT-2021-22378 · Atlassian · Jira

Name of the Vulnerable Software and Affected Versions: Atlassian Jira Server and Data Center versions prior to 8.13.9 Atlassian Jira Server and Data Center versions 8.14.0 through 8.17.x Description: The issue allows anonymous remote attackers to continue viewing cached content even after losing...

7.5CVSS7.3AI score0.01809EPSS
Exploits0References7
Rows per page
Query Builder