14 matches found
CVE-2025-34320
BASIS BBj versions prior to 25.00 contain a Jetty-served web endpoint that fails to properly validate or canonicalize input path segments. This allows unauthenticated directory traversal sequences to cause the server to read arbitrary system files accessible to the account running the service...
EUVD-2016-0881
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-44476
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows authenticated administrators to read local files on the server...
CVE-2024-57727
SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files include server configuration files containing...
UBUNTU-CVE-2021-44476
A sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows authenticated administrators to read local files on the server, including sensitive configuration files...
Path Traversal
Overview: droppy is a library for self-hosted file storage. Affected versions of this package are vulnerable to Path Traversal. It is possible to traverse directories to fetch configuration files from a droppy server. PoC: GET...
Arbitrary File Read Vulnerability in EDI CMS
ETA CMS is a simple, practical and efficient website builder. ETA CMS has an arbitrary file read vulnerability that can be exploited by an attacker to read configuration files on the server...
Zend Framework Configuration File Disclosure Vulnerability
Zend Framework (ZF) is an open source PHP5 development framework developed by the US company Zend, used mainly for developing web programs and services. Zend Framework has a configuration file disclosure vulnerability that can be exploited by an attacker to download...
CVE-2007-0080
Buffer overflow in the SMBConnectServer function in FreeRadius 1.1.3 and earlier allows attackers to execute arbitrary code related to the server desthost field of an SMBHandleType instance. NOTE: the impact of this issue has been disputed by a reliable third party and the vendor, who states that...
Oracle Endeca Information Discovery Integrator ETL Server MoveFile Remote Code Execution Vulnerability
This vulnerability allows remote attackers the ability to execute arbitrary code on vulnerable instances of Oracle Endeca Information Discovery. Authentication is required to exploit this vulnerability but an authentication bypass is known. The specific flaw exists in the handling of the MoveFile...
Buffer overflow
Buffer overflow in the SMBConnectServer function in FreeRadius 1.1.3 and earlier allows attackers to execute arbitrary code related to the server desthost field of an SMBHandleType instance. NOTE: the impact of this issue has been disputed by a reliable third party and the vendor, who states that...
CVE-2007-0080
Buffer overflow in the SMBConnectServer function in FreeRadius 1.1.3 and earlier allows attackers to execute arbitrary code related to the server desthost field of an SMBHandleType instance. NOTE: the impact of this issue has been disputed by a reliable third party and the vendor, who states that...
CVE-2007-0080
Buffer overflow in the SMBConnectServer function in FreeRadius 1.1.3 and earlier allows attackers to execute arbitrary code related to the server desthost field of an SMBHandleType instance. NOTE: the impact of this issue has been disputed by a reliable third party and the vendor, who states that...
Corsaire Security Advisory: PeopleSoft Gateway Administration servlet path disclosure issue
-- Corsaire Security Advisory -- Title: PeopleSoft Gateway Administration servlet path disclosure issue Date: 04.07.03 Application: PeopleTools 8.20/8.43 and prior Environment: Various Author: Martin O'Neal Audience: General distribution Reference: c030704-003 -- Scope -...