43 matches found
Repetier-Server 1.4.10 Path Traversal
Repetier-Server versions 1.4.10 and below suffer from a path traversal vulnerability. Exploit Title: Repetier-Server 1.4.10 - Path Traversal Exploit Author: Mohammed Idrees Banyamer Vendor Homepage: https://www.repetier.com/ Version: str: return "..%5c" depth def attemptreadtargeturl: str,...
Repetier-Server 1.4.10 - Path Traversal
Exploit Title: Repetier-Server 1.4.10 - Path Traversal Exploit Author: Mohammed Idrees Banyamer Vendor Homepage: https://www.repetier.com/ Version: str: return "..%5c" depth def attemptreadtargeturl: str, filepath: str, traversaldepth: int = 15, timeout: int = 10 - bool: traversal =...
Exploit for Path Traversal in Repetier-Server
Repetier-Server |HTTP request with ..%5c traversal| BRepetier...
CVE-2023-31059
Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php...
CVE-2023-31060
Repetier Server through 1.4.10 executes as SYSTEM. This can be leveraged in conjunction with CVE-2023-31059 for full compromise...
CVE-2023-31061
Repetier Server through 1.4.10 does not have CSRF protection...
EUVD-2023-35394
Malicious code in bioql PyPI...
EUVD-2023-35393
Malicious code in bioql PyPI...
VulnCheck KEV: CVE-2023-31059
Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php...
CVE-2023-31060
Repetier Server through 1.4.10 executes as SYSTEM. This can be leveraged in conjunction with CVE-2023-31059 for full compromise...
CVE-2023-31059
Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php...
CVE-2023-31061
Repetier Server through 1.4.10 does not have CSRF protection...
CVE-2023-31059
Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php...
CVE-2023-31060
Repetier Server through 1.4.10 executes as SYSTEM. This can be leveraged in conjunction with CVE-2023-31059 for full compromise...
CVE-2023-31061
Repetier Server through 1.4.10 does not have CSRF protection...
Cross-site request forgery (CSRF)
Repetier Server through 1.4.10 does not have CSRF protection...
Directory traversal
Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php...
Design/Logic Flaw
Repetier Server through 1.4.10 executes as SYSTEM. This can be leveraged in conjunction with CVE-2023-31059 for full compromise...
CVE-2023-31060
Repetier Server through 1.4.10 executes as SYSTEM. This can be leveraged in conjunction with CVE-2023-31059 for full compromise...
PT-2023-23126 · Unknown · Repetier Server
Name of the Vulnerable Software and Affected Versions: Repetier Server versions prior to 1.4.11 Description: The issue allows for execution as SYSTEM, which can be exploited for full compromise when combined with other vulnerabilities. Recommendations: For Repetier Server versions prior to 1.4.11...