CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Quick.Forum 2.1.6 stores potentially sensitive information such as usernames, banned IP addresses, censored words, and backups under the web document root, which allows remote attackers to obtain that information via a direct request to 1 db/users.txt, 2 db/banList.txt, 3 db/censureWords.txt, or ...

5CVSS6.6AI score0.00457EPSS

Exploits0References1

0day.today•added 2023/07/28 12:0 a.m.•206 views

copyparty 1.8.2 - Directory Traversal Vulnerability

Exploit Title: copyparty 1.8.2 - Directory Traversal Exploit Author: Vartamtzidis Theodoros @TheHackyDog Vendor Homepage: https://github.com/9001/copyparty/ Software Link: https://github.com/9001/copyparty/releases/tag/v1.8.2 Version: =1.8.2 Tested on: Debian Linux CVE : CVE-2023-37474 Descriptio...

7.5CVSS7.1AI score0.89933EPSS

Exploits4

Exploit DB•added 2023/07/28 12:0 a.m.•317 views

copyparty 1.8.2 - Directory Traversal

Exploit Title: copyparty 1.8.2 - Directory Traversal Date: 14/07/2023 Exploit Author: Vartamtzidis Theodoros @TheHackyDog Vendor Homepage: https://github.com/9001/copyparty/ Software Link: https://github.com/9001/copyparty/releases/tag/v1.8.2 Version: =1.8.2 Tested on: Debian Linux CVE :...

7.5CVSS7.5AI score0.89933EPSS

Exploits4

Saint•added 2015/06/09 12:0 a.m.•29 views

Seagate Central unauthenticated file upload

Added: 06/09/2015 Background Seagate Central is a personal cloud storage device which can be connected to a wireless router. Problem Seagate Central has no root password, allowing unauthenticated users to upload arbitrary files via PHP. This can be leveraged to execute arbitrary commands by...

8.4AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•19 views

Gattaca Server 2003 Language Variable Path Exposure

No description provided by source. source: http://www.securityfocus.com/bid/10729/info It is reported that Gattaca Server 2003 contains multiple path disclosure vulnerabilities. By sending HTTP requests to Gattaca's web server, it is reportedly possible to cause the application to return error...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•17 views

Gattaca Server 2003 Null Byte Path Disclosure

7.1AI score

Exploits0

Prion•added 2014/04/30 11:58 p.m.•10 views

Directory traversal

PHP-Fusion before 7.02.06 stores backup files with predictable filenames in an unrestricted directory under the web document root, which might allow remote attackers to obtain sensitive information via a direct request to the backup file in administration/dbbackups/...

5CVSS6.7AI score0.18032EPSS

Exploits1References7Affected Software1

Prion•added 2012/11/17 9:55 p.m.•7 views

Improper access control

DFLabs PTK 1.0.5 stores data files with predictable names under the web document root with insufficient access control, which allows remote attackers to read logs, images, or reports via a direct request to the file in the 1 log, 2 images, or 3 report directory...

5CVSS7.1AI score0.00329EPSS

Exploits0References5Affected Software1

NVD•added 2010/06/18 8:30 p.m.•8 views

CVE-2010-2336

index.php in Yamamah Photo Gallery 1.00 allows remote attackers to obtain the source code of executable files within the web document root via the download parameter...

5CVSS6.8AI score0.02034EPSS

Exploits1References2

NVD•added 2010/06/15 2:4 p.m.•20 views

CVE-2010-2263

nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI...

5CVSS6.9AI score0.44217EPSS

Exploits4References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by