CVE-2025-2529 IBM Terracotta denial of service

Applications using affected versions of Ehcache 3.x can experience degraded cache-write performance if the application using Ehcache utilizes keys sourced from malicious external parties in an unfiltered/unsalted way...

EUVD-2008-6489

Malware in sbrugna...

Security Bulletin: IBM Disconnected Log Collector is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2019-13990 DESCRIPTION: Terracotta could allow a remote attacker to obtain sensitive information, caused by improper handling of...

XML external entity injection in Terracotta Quartz Scheduler

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description...

CVE-2019-13990

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description...

CVE-2019-13990

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description...

CVE-2019-13990

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description...

Researchers Uncover Chinese VPN Service Used by APT Crews for Cover

Building a business can be expensive and time-consuming, and owners will look for ways to save money wherever they can. Researchers from RSA Security have found a VPN provider in China that is taking this to an unusual extreme: hacking Windows servers around the world for use as VPN nodes on a...

Terracotta - 'index.php' Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28550/info Terracotta is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings to view local...

Design/Logic Flaw

index.php in Terracotta aka OpenTerracotta 0.6.1 allows remote attackers to obtain sensitive information via an invalid File parameter, which reveals the installation path in an error message...

Directory traversal

Multiple directory traversal vulnerabilities in the RenderFile function in ContentRender.class.php in Terracotta aka OpenTerracotta 0.6.1, and possibly other versions, allow remote attackers to list arbitrary directories and read arbitrary files via a .. dot dot in the 1 CurrentDirectory and 2 Fi...

CVE-2008-6521

index.php in Terracotta aka OpenTerracotta 0.6.1 allows remote attackers to obtain sensitive information via an invalid File parameter, which reveals the installation path in an error message...

CVE-2008-6522

Multiple directory traversal vulnerabilities in the RenderFile function in ContentRender.class.php in Terracotta aka OpenTerracotta 0.6.1, and possibly other versions, allow remote attackers to list arbitrary directories and read arbitrary files via a .. dot dot in the 1 CurrentDirectory and 2 Fi...

CVE-2008-6521

CVE-2008-6521 affects Terracotta/OpenTerracotta 0.6.1. The index.php vulnerable path allows remote attackers to obtain sensitive information via an invalid File parameter, revealing the installation path in an error message. Impact: information disclosure. Vector: network access to the vulnerable...

CVE-2008-6522

CVE-2008-6522 affects Terracotta (OpenTerracotta) 0.6.1 and possibly other versions. The vulnerability resides in the RenderFile function of ContentRender.class.php, enabling remote attackers to traverse directories and read arbitrary files by injecting a .. in the (1) CurrentDirectory or (2) Fil...

CVE-2008-6521

index.php in Terracotta aka OpenTerracotta 0.6.1 allows remote attackers to obtain sensitive information via an invalid File parameter, which reveals the installation path in an error message...

CVE-2008-6522

Multiple directory traversal vulnerabilities in the RenderFile function in ContentRender.class.php in Terracotta aka OpenTerracotta 0.6.1, and possibly other versions, allow remote attackers to list arbitrary directories and read arbitrary files via a .. dot dot in the 1 CurrentDirectory and 2 Fi...

Terracotta Personal Edition Multiple vulnerabilities

Its been awhile since I've posted something, so lets get to the goods. Terracotta is a an open source CMS from http://sourceforge.net/projects/terracotta/ First up, we have Full path disclosure vulnerabilities in the GET'd variable 'File'. Specify something other than whats in the list and we get...

Terracotta - 'index.php' Local File Inclusion

source: https://www.securityfocus.com/bid/28550/info Terracotta is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings to view local files in the context of the webserve...

Terracotta - index.php Local File Inclusion

Terracotta - index.php Local File Inclusion source: https://www.securityfocus.com/bid/28550/info Terracotta is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings to vie...