3 matches found
CVE-2008-7084
Directory traversal vulnerability in the web server 1.0 in Velocity Security Management System allows remote attackers to read arbitrary files via a .. dot dot in the URI...
CVE-2008-7084
CVE-2008-7084 describes a directory traversal vulnerability in the web server 1.0 of Velocity Security Management System. An attacker can read arbitrary files by using a “..” in the URI. The NVD entry lists a CVSSv2 base score of 5.0 (Medium) with network access, low attack complexity, no authent...
Velocity Security Management System HTTP服务器目录遍历漏洞
BUGTRAQ ID: 30261 CNCAN ID:CNCAN-2008071704 Velocity Security Management System是一款系统管理程序。 Velocity Security Management System HTTP服务程序存在目录遍历攻击,远程攻击者可以利用漏洞以应用程序权限查看系统文件内容。 构建包含多个'../'字符作为参数数据,可绕过WEB ROOT限制,以应用程序权限查看系统文件内容。 Hirsch Electronics Velocity Security Management System 1.0 下载最新版本:...