Lucene search
K

261 matches found

CNVD
CNVD
added 2019/01/17 12:0 a.m.3 views

LCDS LAquis SCADA Path Traversal Vulnerability

LCDS LAquis SCADA is a SCADA Data Acquisition and Supervisory Control system from the Brazilian company LCDS. The system is mainly used for data acquisition and process control of equipment with communication technology. A path traversal vulnerability in LCDS LAquis SCADA version 4.1.0.3870, whic...

5.3CVSS6.5AI score0.39487EPSS
Exploits0References1
NVD
NVD
added 2018/03/28 2:29 p.m.17 views

CVE-2018-9110

Studio 42 elFinder before 2.1.37 has a directory traversal vulnerability in elFinder.class.php with the zipdl function that can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process. NOTE: this issue...

9.1CVSS9.3AI score0.02899EPSS
Exploits0References3
OSV
OSV
added 2018/03/28 2:29 p.m.16 views

CVE-2018-9110

Studio 42 elFinder before 2.1.37 has a directory traversal vulnerability in elFinder.class.php with the zipdl function that can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process. NOTE: this issue...

9.1CVSS7.3AI score0.02963EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/03/28 2:0 p.m.24 views

CVE-2018-9110

Studio 42 elFinder before 2.1.37 has a directory traversal vulnerability in elFinder.class.php with the zipdl function that can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process. NOTE: this issue...

9.3AI score0.02899EPSS
Exploits0References3
Prion
Prion
added 2018/03/28 6:29 a.m.13 views

Directory traversal

Studio 42 elFinder before 2.1.36 has a directory traversal vulnerability in elFinder.class.php with the zipdl function that can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process...

7.5CVSS9AI score0.02963EPSS
Exploits0References3Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2017/06/14 12:0 a.m.20 views

Novell ZENworks Reporting Appliance Directory Traversal Arbitrary File Creation Vulnerability

This vulnerability allows remote attackers to create arbitrary files on vulnerable installations of Novell ZENworks Reporting Appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FCExporter servlet. The process does not properly validate a...

6.8CVSS7.5AI score
Exploits0
CNVD
CNVD
added 2017/03/03 12:0 a.m.7 views

Wordpress Plugin Mobile App Native Remote File Upload Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A remote file upload vulnerability exists in the Wordpress plugin Mobile App Native. Because the application fails to...

7.5CVSS7.5AI score0.07325EPSS
Exploits8References1
WPVulnDB
WPVulnDB
added 2015/02/22 12:0 a.m.22 views

Holding Pattern Theme <= 0.6 - Arbitrary File Upload

An attacker can exploit this vulnerability to upload arbitrary PHP code and run it in the context of the Web server process. This may facilitate unauthorized access or privilege escalation. Disclosure timeline: 2015-01-14 Vendor Alerted via email. 2015-01-14 Fix Requested via email. 2015-01-14...

7.5CVSS1.7AI score0.59254EPSS
Exploits6References2Affected Software1
exploitpack
exploitpack
added 2014/08/08 12:0 a.m.14 views

VoipSwitch - user.php Local File Inclusion

VoipSwitch - user.php Local File Inclusion source: https://www.securityfocus.com/bid/69109/info VoipSwitch is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scrip...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

ezUpload 2.2 form.php path Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Lib CGI 0.1 Include Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6264/info Lib CGI is a freely available, open source CGI library for C programmers. It is available for Unix and Linux operating systems. It has been reported that a buffer overflow exists in the Lib CGI development...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.28 views

Jason Hines PHPWebLog 0.4/0.5 - Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12747/info phpWebLog is prone to remote file include vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input prior to using it in a PHP 'includeonce' function call. An...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.54 views

AutoLinks 2.1 Pro Al_initialize.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14686/info AutoLinks Pro is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrar...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

DoceboLMS 2.0.x Connector.PHP Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15742/info DoceboLMS is prone to a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

ezUpload 2.2 initialize.php path Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

ezUpload 2.2 index.php path Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

MySource 2.14 new_upgrade_functions.php Multiple Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/15133/info MySource is prone to multiple remote and local file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.258 views

MWChat 6.7 Start_Lobby.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13849/info MWChat is affected by a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

EasyPHPCalendar 6.1.5/6.2.x popup.php serverPath Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/14131/info EasyPHPCalendar is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.28 views

Content2Web 1.0.1 - Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/14862/info Content2Web is affected by multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this lack of...

7.1AI score
Exploits0
Rows per page
Query Builder