Lucene search
K

261 matches found

CNVD
CNVD
added 2019/01/17 12:0 a.m.3 views

LCDS LAquis SCADA Path Traversal Vulnerability

LCDS LAquis SCADA is a SCADA Data Acquisition and Supervisory Control system from the Brazilian company LCDS. The system is mainly used for data acquisition and process control of equipment with communication technology. A path traversal vulnerability in LCDS LAquis SCADA version 4.1.0.3870, whic...

5.3CVSS6.5AI score0.39487EPSS
Exploits0References1
NVD
NVD
added 2018/03/28 2:29 p.m.17 views

CVE-2018-9110

Studio 42 elFinder before 2.1.37 has a directory traversal vulnerability in elFinder.class.php with the zipdl function that can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process. NOTE: this issue...

9.1CVSS9.3AI score0.02899EPSS
Exploits0References3
OSV
OSV
added 2018/03/28 2:29 p.m.15 views

CVE-2018-9110

Studio 42 elFinder before 2.1.37 has a directory traversal vulnerability in elFinder.class.php with the zipdl function that can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process. NOTE: this issue...

9.1CVSS7.3AI score0.02963EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/03/28 2:0 p.m.22 views

CVE-2018-9110

Studio 42 elFinder before 2.1.37 has a directory traversal vulnerability in elFinder.class.php with the zipdl function that can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process. NOTE: this issue...

9.3AI score0.02899EPSS
Exploits0References3
Prion
Prion
added 2018/03/28 6:29 a.m.13 views

Directory traversal

Studio 42 elFinder before 2.1.36 has a directory traversal vulnerability in elFinder.class.php with the zipdl function that can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process...

7.5CVSS9AI score0.02963EPSS
Exploits0References3Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2017/06/14 12:0 a.m.19 views

Novell ZENworks Reporting Appliance Directory Traversal Arbitrary File Creation Vulnerability

This vulnerability allows remote attackers to create arbitrary files on vulnerable installations of Novell ZENworks Reporting Appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FCExporter servlet. The process does not properly validate a...

6.8CVSS7.5AI score
Exploits0
CNVD
CNVD
added 2017/03/03 12:0 a.m.5 views

Wordpress Plugin Mobile App Native Remote File Upload Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A remote file upload vulnerability exists in the Wordpress plugin Mobile App Native. Because the application fails to...

7.5CVSS7.5AI score0.07325EPSS
Exploits8References1
WPVulnDB
WPVulnDB
added 2015/02/22 12:0 a.m.22 views

Holding Pattern Theme <= 0.6 - Arbitrary File Upload

An attacker can exploit this vulnerability to upload arbitrary PHP code and run it in the context of the Web server process. This may facilitate unauthorized access or privilege escalation. Disclosure timeline: 2015-01-14 Vendor Alerted via email. 2015-01-14 Fix Requested via email. 2015-01-14...

7.5CVSS1.7AI score0.59254EPSS
Exploits6References2Affected Software1
exploitpack
exploitpack
added 2014/08/08 12:0 a.m.13 views

VoipSwitch - user.php Local File Inclusion

VoipSwitch - user.php Local File Inclusion source: https://www.securityfocus.com/bid/69109/info VoipSwitch is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scrip...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

ezUpload 2.2 form.php path Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Athena PHP Website Administration 0.1 - Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15574/info Athena PHP Website Administration is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Ariadne CMS 2.4 - Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13206/info A remote file include vulnerability affects Ariadne CMS. This issue is due to a failure of the application to validate critical parameters before using them in a 'requireonce' function call. An attacker may...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.29 views

RaXnet Cacti 0.5/0.6/0.8 Top_Graph_Header.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14030/info RaXnet Cacti is prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the 'topgraphheader.php'...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

MySource 2.14 Span.php PEAR_PATH Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/15133/info MySource is prone to multiple remote and local file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

PHPMyFAQ 1.5.1 - Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14929/info PHPMyFAQ is prone to a local file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

YaPiG 0.9x Remote and Local File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/13874/info YaPiG is affected by remote and local file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to execut...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

MySource 2.14 mimeDecode.php PEAR_PATH Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/15133/info MySource is prone to multiple remote and local file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

MySource 2.14 Mail.php PEAR_PATH Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/15133/info MySource is prone to multiple remote and local file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

SaveWebPortal 3.4 Unauthorized Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14639/info SaveWebPortal is prone to an unauthorized access vulnerability. This issue is due to a failure in the application to limit access to administrative scripts. An attacker may leverage this issue to execute...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.38 views

Popper Webmail 1.41 ChildWindow.Inc.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13851/info Popper is affected by a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

7.1AI score
Exploits0
Rows per page
Query Builder