15 matches found
CVE-2022-43110
Voltronic Power ViewPower through 1.04-21353 and PowerShield Netguard before 1.04-23292 allows a remote attacker to configure the system via an unspecified web interface. An unauthenticated remote attacker can make changes to the system including: changing the web interface admin password,...
SAP Capital Yield Tax Management 安全漏洞
SAP Capital Yield Tax Management is a tool for capital gains tax calculation, reporting and compliance management from SAP. A directory traversal vulnerability exists in SAP Capital Yield Tax Management, which can be exploited by an attacker to submit a special request to view the contents of...
Dell Repository Manager 输入验证错误漏洞
Dell Repository Manager is a suite of Dell USA's Dell Repository Manager ensures that Dell PowerEdge servers have the latest BIOS, drivers, firmware, and software. A directory traversal vulnerability exists in the Dell Repository Manager logger module, which can be exploited by a local attacker t...
Vulnerability fixed in Esri ArcGIS Server
A vulnerability has been fixed in Esri ArcGis Server. This vulnerability allows an unauthenticated malicious person through path traversal to view system information from the server on which the application is running. Esri has released updates to fix the vulnerability. For more information, see:...
ZoneMinder 输入验证错误漏洞
ZoneMinder is an open source video surveillance software system that supports IP, USB and analog cameras. The system supports IP, USB and analog cameras, etc. ZoneMinder has an input validation error vulnerability, which stems from allowing a user with view system privileges to inject new data in...
Django path traversal vulnerability (CNVD-2022-31940)
Django is the Django Foundation's set of open source web application framework based on the Python language . The framework includes an object-oriented mapper, view system, template system, etc. Django has a path traversal vulnerability that stems from the fact that a user can use the:...
CVE-2020-24592
Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization...
Directory Traversal Vulnerability in Extremecom EWEBS Application Virtualization System
ExtremeWire EWEBS Application Virtualization System is a virtual application platform developed primarily for enterprise users. A directory traversal vulnerability exists in the Extremecom EWEBS Application Virtualization System. A remote attacker can exploit this vulnerability to view system fil...
Trend Micro Control Manager Directory Traversal Vulnerability
Trend Micro Control Manager is the centralized management console for managing Trend Micro products and services. A directory traversal vulnerability exists in Trend Micro Control Manager, which could be exploited by remote attackers to submit a specific request to execute arbitrary code or view...
kitto directory traversal vulnerability
kitto is an interactive dashboard framework written using Elixir. A directory traversal vulnerability exists in kitto, which allows remote attackers to submit a specially crafted request to view the contents of system files with WEB privileges...
Multiple Vulnerabilities in Trend Micro Smart Protection Server
Trend Micro Smart Protection Server is a server that provides smart protection. Trend Micro Smart Protection Server has multiple security vulnerabilities that can be exploited by remote attackers to submit a special request to view arbitrary system files, execute arbitrary code, and gain privileg...
Cisco Prime Collaboration Assurance File Viewing Vulnerability
Cisco Prime is a service-centric solution that integrates the management of wired and wireless LANs, WANs and data centers from endpoints, network devices and applications, and filters information. A security vulnerability in the Cisco Prime Collaboration Assurance WEB architecture allows remote...
NAP Turbo NAS Series Devices Music Station Directory Traversal Vulnerability
NAP Turbo NAS Series Devices is a backup software that supports real-time backup, data synchronization and scheduled backup. An input validation vulnerability exists in NAP Turbo NAS Series Devices Music Station, which could be exploited by remote attackers to submit a special request to view...
BlackCat CMS Directory Traversal Vulnerability
BlackCat CMS is a content management system based on PHP5 and HTML5. BlackCat CMS suffers from a directory traversal vulnerability that allows remote attackers to view the contents of system files with WEB privileges by submitting a character containing a directory traversal...
Webshop hun directory traversal vulnerability
Webshop hun is a WEB-based application. Webshop hun suffers from a directory traversal vulnerability that can be exploited by remote attackers to view the contents of system files with WEB privileges...