Lucene search
+L

15 matches found

CNNVD
CNNVD
added 2026/01/05 12:0 a.m.5 views

Craft CMS 信息泄露漏洞

Craft CMS is a content management system CMS open source by Craft CMS. An information disclosure vulnerability exists in Craft CMS versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16, which stems from improper handling of a user's profile photo, which could lead to the exposure of...

7.1CVSS5.8AI score0.00232EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-8666

Malware in sbrugna...

6.5CVSS6.4AI score0.02119EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/03/23 12:0 a.m.4 views

Simple File Manager 代码问题漏洞

SourceCodester File Manager is a file manager. A code issue vulnerability exists in Simple File Manager version 1.0, which stems from an incorrect manipulation of photo resulting in unrestricted uploads...

9.8CVSS6.6AI score0.00909EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2019/09/03 12:0 a.m.27 views

Roundcube Webmail < 1.0.6, 1.1.x < 1.1.2 Directory Traversal Vulnerability

Roundcube Webmail is prone to a directory traversal vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

6.5CVSS6.5AI score0.02119EPSS
Exploits0References2
OSV
OSV
added 2016/01/29 7:59 p.m.2 views

DEBIAN-CVE-2015-8794

Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full pathname in the alt parameter, related to contact photo handling...

6.5CVSS6.8AI score0.02119EPSS
Exploits0References1
NVD
NVD
added 2016/01/29 7:59 p.m.16 views

CVE-2015-8794

Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full pathname in the alt parameter, related to contact photo handling...

6.5CVSS6.1AI score0.02119EPSS
Exploits0References4
OSV
OSV
added 2016/01/29 7:59 p.m.12 views

CVE-2015-8794

Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full pathname in the alt parameter, related to contact photo handling...

6.5CVSS6.1AI score
Exploits0References5
OSV
OSV
added 2016/01/29 7:59 p.m.3 views

UBUNTU-CVE-2015-8794

Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full pathname in the alt parameter, related to contact photo handling...

6.5CVSS6AI score0.02119EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2016/01/29 7:59 p.m.25 views

CVE-2015-8794

Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full pathname in the alt parameter, related to contact photo handling...

6.5CVSS6.7AI score0.02119EPSS
Exploits0References5
Prion
Prion
added 2016/01/29 7:59 p.m.11 views

Path traversal

Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full pathname in the alt parameter, related to contact photo handling...

4CVSS6.7AI score0.02119EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2016/01/29 7:0 p.m.36 views

CVE-2015-8794

Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full pathname in the alt parameter, related to contact photo handling...

6.5CVSS6.1AI score0.02119EPSS
Exploits0
Cvelist
Cvelist
added 2016/01/29 7:0 p.m.26 views

CVE-2015-8794

Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full pathname in the alt parameter, related to contact photo handling...

6.2AI score0.02119EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/07/08 12:0 a.m.33 views

FreeBSD : roundcube -- multiple vulnerabilities (038a5808-24b3-11e5-b0c8-bf4d8935d4fa)

Roundcube reports : We just published updates to both stable versions 1.0 and 1.1 after fixing many minor bugs and adding some security improvements to the 1.1 release branch. Version 1.0.6 comes with cherry-picked fixes from the more recent version to ensure proper long term support especially i...

7.5CVSS6.7AI score0.03767EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2015/06/29 12:0 a.m.19 views

openSUSE Security Update : roundcubemail (openSUSE-2015-454)

roundcubemail was updated to version 1.0.6 to fix many minor bugs and two security issues. The security-related fixes in particular are : - security improvement in DBMail driver of password plugin - security improvement in contact photo handling %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

5.4AI score
Exploits0
FreeBSD
FreeBSD
added 2015/05/30 12:0 a.m.30 views

roundcube -- multiple vulnerabilities

Roundcube reports: We just published updates to both stable versions 1.0 and 1.1 after fixing many minor bugs and adding some security improvements to the 1.1 release branch. Version 1.0.6 comes with cherry-picked fixes from the more recent version to ensure proper long term support especially in...

7.5CVSS6.5AI score0.03767EPSS
Exploits0References2
Rows per page
Query Builder