Lucene search
K

7 matches found

NVD
NVD
added 2023/03/09 5:15 p.m.14 views

CVE-2023-1288

An XML External Entity injection XXE vulnerability in ENOVIA Live Collaboration V6R2013xE allows an attacker to read local files on the server...

7.5CVSS6.8AI score0.00507EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2022/05/20 11:20 p.m.31 views

CVE-2019-9187

ikiwiki before 3.20170111.1 and 3.2018x and 3.2019x before 3.20190228 allows SSRF via the aggregate plugin. The impact also includes reading local files via file: URIs...

7.5CVSS4AI score0.01699EPSS
Exploits0References2
Hacker One
Hacker One
added 2019/10/22 12:37 p.m.158 views

Infogram: LFI through the MySQL connection

Hello team! I've found a way to read Infogram's server local files through the MySQL connection. The problem is that you're using the LOAD DATA LOCAL feature with your MySQL client. This how an attacker can easily send server's local files to her/his database. I've successfully readed the...

7.3AI score
Exploits0
UbuntuCve
UbuntuCve
added 2019/06/05 6:29 p.m.24 views

CVE-2019-9187

ikiwiki before 3.20170111.1 and 3.2018x and 3.2019x before 3.20190228 allows SSRF via the aggregate plugin. The impact also includes reading local files via file: URIs...

7.5CVSS7.1AI score0.01699EPSS
Exploits0References7
NVD
NVD
added 2018/07/20 10:29 p.m.28 views

CVE-2018-3770

A path traversal exists in markdown-pdf version 9.0.0 that allows a user to insert a malicious html code that can result in reading the local files...

5.5CVSS5.4AI score0.00501EPSS
Exploits1References1
OSV
OSV
added 2018/06/11 9:29 p.m.3 views

CVE-2018-5107

The printing process can bypass local access protections to read files available through symlinks, bypassing local file restrictions. The printing process requires files in a specific format so arbitrary data cannot be read but it is possible that some local file information could be exposed. Thi...

5.3CVSS7.4AI score0.01793EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2014/05/31 12:0 a.m.51 views

KLA10070 RLF vulnerability in Apache Tomcat

An improper class constriction vulnerability was found in Apache Tomcat. By exploiting this vulnerability malicious users can read arbitrary files. This vulnerability can be exploited from the network at a point related to the XML parser via a specially designed web application. Original advisori...

4.3CVSS6.7AI score0.07616EPSS
Exploits0References3
Rows per page
Query Builder