Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-15034

Malware in sbrugna...

6.7CVSS6.6AI score0.01047EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-15035

Malware in sbrugna...

4.9CVSS5.2AI score0.01598EPSS
Exploits1References2
CNVD
CNVD
added 2017/05/25 12:0 a.m.5 views

Sitecore CRM Code Execution Vulnerability

Sitecore CRM is a suite of customer relationship management solutions from Sitecore Denmark. A code execution vulnerability exists in the Package Manager in Sitecore CRM version 8.1 Rev 151207. A remote attacker can exploit this vulnerability by creating a ZIP archive file to execute arbitrary AS...

6.7CVSS8.1AI score0.01047EPSS
Exploits1References1
Prion
Prion
added 2017/05/23 5:29 a.m.15 views

Code injection

The package manager in Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to execute arbitrary ASP code by creating a ZIP archive in which a .asp file has a ..\ in its pathname, visiting sitecore/shell/applications/install/dialogs/Upload%20Package/UploadPackage2.aspx to upload...

6.5CVSS6.7AI score0.01047EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2017/05/23 5:29 a.m.16 views

CVE-2017-5965

The package manager in Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to execute arbitrary ASP code by creating a ZIP archive in which a .asp file has a ..\ in its pathname, visiting sitecore/shell/applications/install/dialogs/Upload%20Package/UploadPackage2.aspx to upload...

6.7CVSS6.8AI score0.01047EPSS
Exploits1References1
Prion
Prion
added 2017/05/23 5:29 a.m.12 views

Path traversal

Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to read arbitrary files via an absolute path traversal attack on sitecore/shell/download.aspx with the file parameter...

4CVSS5AI score0.01598EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2017/05/23 5:14 a.m.43 views

CVE-2017-5966

CVE-2017-5966 affects Sitecore CRM 8.1 Rev 151207. The vulnerability is an absolute path traversal in sitecore/shell/download.aspx (parameter: file) that allows remote authenticated administrators to read arbitrary files. Root cause is improper validation of the file parameter in the download end...

4.9CVSS4.9AI score0.01598EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2017/05/23 5:14 a.m.48 views

CVE-2017-5965

The CVE-2017-5965 vulnerability affects Sitecore CRM 8.1 Rev 151207. The package manager allows remote authenticated administrators to execute arbitrary ASP code by creating a ZIP archive that contains a .asp file with a ..\ in its pathname, uploading it via sitecore/shell/applications/install/di...

6.7CVSS6.7AI score0.01047EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2017/05/23 5:14 a.m.22 views

CVE-2017-5965

The package manager in Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to execute arbitrary ASP code by creating a ZIP archive in which a .asp file has a ..\ in its pathname, visiting sitecore/shell/applications/install/dialogs/Upload%20Package/UploadPackage2.aspx to upload...

6.8AI score0.01047EPSS
Exploits1References1
Rows per page
Query Builder