Lucene search

7 matches found

EUVD
added 2025/12/10 9:31 p.m., 2 views

EUVD-2020-30839

Eibiz i-Media Server Digital Signage 3.8.0 contains a directory traversal vulnerability that allows unauthenticated remote attackers to access files outside the server's root directory. Attackers can exploit the 'oldfile' GET parameter to view sensitive configuration files like web.xml and system...

CVSS 8.7 | AI score 6.6 | EPSS 0.08934
Exploits 1 | References 5
Vulnrichment
added 2025/12/10 8:52 p.m., 1 views

CVE-2020-36893 Eibiz i-Media Server Digital Signage 3.8.0 Directory Traversal Vulnerability

Eibiz i-Media Server Digital Signage 3.8.0 contains a directory traversal vulnerability that allows unauthenticated remote attackers to access files outside the server's root directory. Attackers can exploit the 'oldfile' GET parameter to view sensitive configuration files like web.xml and system...

CVSS 8.7 | AI score 6.7 | EPSS 0.08934
Exploits 1 | References 4
RedHat Linux
added 2021/12/14 9:31 p.m., 3 views

jetty: requests to the ConcatServlet and WelcomeFilter are able to access protected resources within the WEB-INF directory

For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For example a request to /concat?/%2557EB-INF/web.xml can retrieve the web.xml file. This can reveal...

CVSS 5.3 | AI score 6.9 | EPSS 0.9026
Exploits 2 | References 4
OSV
added 2021/04/01 3:15 p.m., 3 views

DEBIAN-CVE-2021-28164

In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. For example a request to /context/%2e/WEB-INF/web.xml can retrieve the web.xml file. This ca...

CVSS 5.3 | AI score 6.6 | EPSS 0.93485
Exploits 7 | References 1
CNNVD
added 2021/04/01 12:00 a.m., 3 views

Eclipse Jetty Security Vulnerability

Eclipse Jetty is an open source, Java-based web server and Java Servlet container from the Eclipse Foundation. A security vulnerability exists in Eclipse Jetty versions 9.4.37.v20210219 through 9.4.38.v20210224, which stems from a default conformance mode that allows requests with URIs containing...

CVSS 7.8 | AI score 8 | EPSS 0.93485
Exploits 9 | References 56
GithubExploit
added 2020/02/21 9:56 a.m., 5 views

Exploit for CVE-2020-1938

cve-2020-1938 1.read file: python3 tomca...

CVSS 9.8 | AI score 7.1 | EPSS 0.94469
Exploits 44
CNVD
added 2016/08/30 12:00 a.m., 2 views

File Download Vulnerability in New Windward Technology's Online Learning Test System

New Windward Technology's Online Learning Exam System is built on an enterprise-level database platform with a three-tier, B/S (browser/server) architecture, and can be used for online training and examinations. The product has an arbitrary file download vulnerability,...

AI score 7.1
Exploits 0 | References 1