Lucene search
+L

186 matches found

Prion
Prion
added 2020/01/21 4:15 p.m.14 views

Path traversal

Path Traversal in the file browser of DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to browse the server filesystem...

4CVSS6.3AI score0.01059EPSS
Exploits0References2Affected Software1
Metasploit
Metasploit
added 2019/01/19 1:45 p.m.53 views

SAP Management Console List Config Files

This module attempts to list the config files through the SAP Management Console SOAP Interface. Returns a list of config files found in the SAP configuration with its absolute paths inside the server filesystem. This module requires Metasploit: https://metasploit.com/download Current source:...

7.2AI score
Exploits0
CNVD
CNVD
added 2018/12/04 12:0 a.m.2 views

Unspecified Vulnerability in Schneider Electric StruxureWare Data Center Operation

Schneider Electric StruxureWare Data Center Operation is a suite of data center operations software from Schneider Electric, France. The software provides an instant overview of data center operations through inventory management, PUE calculations, real-time equipment alerts and location-based...

8.8CVSS7.1AI score0.01253EPSS
Exploits0References1
Debian
Debian
added 2018/07/24 8:53 p.m.25 views

[SECURITY] [DLA 1441-1] sympa security update

Package : sympa Version : 6.1.23dfsg-2+deb8u2 CVE ID : CVE-2018-1000550 A vulnerability has been discovered in Sympa, a modern mailing list manager, that allows write access to files on the server filesystem. This flaw allows to create or modify any file writable by the Sympa user, located on the...

9.8CVSS8.7AI score0.02576EPSS
Exploits0
OSV
OSV
added 2018/07/03 5:29 p.m.4 views

CVE-2018-11051

RSA Certificate Manager Versions 6.9 build 560 through 6.9 build 564 contain a path traversal vulnerability in the RSA CMP Enroll Server and the RSA REST Enroll Server. A remote unauthenticated attacker could potentially exploit this vulnerability by manipulating input parameters of the applicati...

7.5CVSS5.8AI score0.02638EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/07/03 5:0 p.m.25 views

CVE-2018-11051 RSA Certificate Manager Path Traversal Vulnerability

RSA Certificate Manager Versions 6.9 build 560 through 6.9 build 564 contain a path traversal vulnerability in the RSA CMP Enroll Server and the RSA REST Enroll Server. A remote unauthenticated attacker could potentially exploit this vulnerability by manipulating input parameters of the applicati...

7.5CVSS7.6AI score0.02638EPSS
Exploits0References3
Prion
Prion
added 2018/06/26 4:29 p.m.18 views

Directory traversal

The Sympa Community Sympa version prior to version 6.2.32 contains a Directory Traversal vulnerability in wwsympa.fcgi template editing function that can result in Possibility to create or modify files on the server filesystem. This attack appear to be exploitable via HTTP GET/POST request. This...

7.5CVSS9.4AI score0.02576EPSS
Exploits0References4Affected Software2
Debian CVE
Debian CVE
added 2018/06/26 4:0 p.m.73 views

CVE-2018-1000550

The Sympa Community Sympa version prior to version 6.2.32 contains a Directory Traversal vulnerability in wwsympa.fcgi template editing function that can result in Possibility to create or modify files on the server filesystem. This attack appear to be exploitable via HTTP GET/POST request. This...

9.8CVSS9.5AI score0.02576EPSS
Exploits0
NVD
NVD
added 2018/06/07 2:29 a.m.16 views

CVE-2017-16213

mfrserver is a simple file server. mfrserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

7.5CVSS7.5AI score0.02005EPSS
Exploits1References2
NVD
NVD
added 2018/06/07 2:29 a.m.15 views

CVE-2017-16215

sgqserve is a simple file server. sgqserve is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

7.5CVSS7.5AI score0.02005EPSS
Exploits1References2
NVD
NVD
added 2018/06/07 2:29 a.m.25 views

CVE-2017-16196

quickserver is a simple static file server. quickserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

7.5CVSS7.5AI score0.02005EPSS
Exploits1References2
NVD
NVD
added 2018/06/07 2:29 a.m.16 views

CVE-2017-16183

iter-server is a static file server. iter-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

7.5CVSS7.5AI score0.02005EPSS
Exploits1References2
NVD
NVD
added 2018/06/07 2:29 a.m.20 views

CVE-2017-16123

welcomyzt is a simple file server. welcomyzt is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

7.5CVSS7.5AI score0.02005EPSS
Exploits1References2
Prion
Prion
added 2018/06/07 2:29 a.m.13 views

Directory traversal

jnjjserver is a static file server. jnjjserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

5CVSS7.4AI score0.02005EPSS
Exploits1References2
Cvelist
Cvelist
added 2018/06/07 2:0 a.m.26 views

CVE-2017-16197

qinserve is a static file server. qinserve is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

7.4AI score0.03191EPSS
Exploits1References2
Cvelist
Cvelist
added 2018/06/07 2:0 a.m.28 views

CVE-2017-16182

serverxxx is a static file server. serverxxx is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

7.4AI score0.02005EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2017/10/24 6:33 p.m.33 views

Root Path Disclosure in send

Versions of send prior to 0.11.2 are affected by an information leakage vulnerability which may allow an attacker to enumerate paths on the server filesystem. Recommendation Update to version 0.11.1 or later...

5.3CVSS5.4AI score0.04697EPSS
Exploits0References7Affected Software1
Packet Storm
Packet Storm
added 2017/10/14 12:0 a.m.69 views

Opentext Documentum Content Server File Hijack / Privilege Escalation

!/usr/bin/env python Opentext Documentum Content Server formerly known as EMC Documentum Content Server does not properly validate input of PUTFILE RPC-command which allows any authenticated user to hijack arbitrary file from Content Server filesystem, because some files on Content Server...

1AI score0.07782EPSS
Exploits4
securityvulns
securityvulns
added 2015/03/23 12:0 a.m.50 views

[ MDVSA-2015:051 ] sympa

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:051 http://www.mandriva.com/en/support/security/ Package : sympa Date : March 3, 2015 Affected: Business Server 1.0 Problem Description: Updated sympa packages fix security vulnerability: A vulnerability hav...

5CVSS6.2AI score0.02436EPSS
Exploits0
Mageia
Mageia
added 2015/02/26 8:26 a.m.29 views

Updated sympa packages fix CVE-2015-1306

Updated sympa packages fix security vulnerability: A vulnerability have been discovered in Sympa web interface that allows access to files on the server filesystem. This breach allows to send to a list or a user any file readable by the Sympa user, located on the server filesystem, using the Symp...

6.4AI score
Exploits0References3
Rows per page
Query Builder