Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-15034

Malware in sbrugna...

6.7CVSS6.6AI score0.01047EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-15035

Malware in sbrugna...

4.9CVSS5.2AI score0.01598EPSS
Exploits1References2
CNVD
CNVD
added 2017/05/25 12:0 a.m.4 views

Sitecore CRM Code Execution Vulnerability

Sitecore CRM is a suite of customer relationship management solutions from Sitecore Denmark. A code execution vulnerability exists in the Package Manager in Sitecore CRM version 8.1 Rev 151207. A remote attacker can exploit this vulnerability by creating a ZIP archive file to execute arbitrary AS...

6.7CVSS8.1AI score0.01047EPSS
Exploits1References1
Prion
Prion
added 2017/05/23 5:29 a.m.15 views

Code injection

The package manager in Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to execute arbitrary ASP code by creating a ZIP archive in which a .asp file has a ..\ in its pathname, visiting sitecore/shell/applications/install/dialogs/Upload%20Package/UploadPackage2.aspx to upload...

6.5CVSS6.7AI score0.01047EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2017/05/23 5:29 a.m.16 views

CVE-2017-5965

The package manager in Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to execute arbitrary ASP code by creating a ZIP archive in which a .asp file has a ..\ in its pathname, visiting sitecore/shell/applications/install/dialogs/Upload%20Package/UploadPackage2.aspx to upload...

6.7CVSS6.8AI score0.01047EPSS
Exploits1References1
Prion
Prion
added 2017/05/23 5:29 a.m.12 views

Path traversal

Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to read arbitrary files via an absolute path traversal attack on sitecore/shell/download.aspx with the file parameter...

4CVSS5AI score0.01598EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2017/05/23 5:14 a.m.21 views

CVE-2017-5965

The package manager in Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to execute arbitrary ASP code by creating a ZIP archive in which a .asp file has a ..\ in its pathname, visiting sitecore/shell/applications/install/dialogs/Upload%20Package/UploadPackage2.aspx to upload...

6.8AI score0.01047EPSS
Exploits1References1
CVE
CVE
added 2017/05/23 5:14 a.m.48 views

CVE-2017-5965

The CVE-2017-5965 vulnerability affects Sitecore CRM 8.1 Rev 151207. The package manager allows remote authenticated administrators to execute arbitrary ASP code by creating a ZIP archive that contains a .asp file with a ..\ in its pathname, uploading it via sitecore/shell/applications/install/di...

6.7CVSS6.7AI score0.01047EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2017/05/23 5:14 a.m.43 views

CVE-2017-5966

CVE-2017-5966 affects Sitecore CRM 8.1 Rev 151207. The vulnerability is an absolute path traversal in sitecore/shell/download.aspx (parameter: file) that allows remote authenticated administrators to read arbitrary files. Root cause is improper validation of the file parameter in the download end...

4.9CVSS4.9AI score0.01598EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder