Lucene search
K

49 matches found

BDU FSTEC
BDU FSTEC
added 2021/06/23 12:0 a.m.7 views

The vulnerability of the Icinga Web2 PHP framework allows a hacker to gain access to arbitrary files.

The vulnerability of the PHP framework Icinga Web2 exists due to an incorrect limitation on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to arbitrary files that can be read by the Icinga Web2 process...

7.5CVSS7.3AI score0.0328EPSS
Exploits1References4Affected Software2
CNVD
CNVD
added 2020/10/09 12:0 a.m.0 views

Unauthorized Access Vulnerability in smart-web2

smart-web2 is a relatively simple OA system. An unauthorized access vulnerability exists in smart-web2, which can be exploited by an attacker to obtain sensitive information...

6.7AI score
Exploits0
NVD
NVD
added 2020/08/19 3:15 p.m.14 views

CVE-2020-24368

Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to access arbitrary files that are readable by the process running Icinga Web 2. This issue is fixed in Icinga Web 2 in v2.6.4, v2.7.4 and v2.8.2...

7.5CVSS7.2AI score0.0328EPSS
Exploits1References7
OSV
OSV
added 2020/08/19 3:15 p.m.29 views

CVE-2020-24368

Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to access arbitrary files that are readable by the process running Icinga Web 2. This issue is fixed in Icinga Web 2 in v2.6.4, v2.7.4 and v2.8.2...

7.5CVSS6.5AI score
Exploits0References7
Prion
Prion
added 2020/08/19 3:15 p.m.20 views

Directory traversal

Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to access arbitrary files that are readable by the process running Icinga Web 2. This issue is fixed in Icinga Web 2 in v2.6.4, v2.7.4 and v2.8.2...

4.3CVSS7.3AI score0.0328EPSS
Exploits1References7Affected Software2
UbuntuCve
UbuntuCve
added 2020/08/19 3:15 p.m.27 views

CVE-2020-24368

Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to access arbitrary files that are readable by the process running Icinga Web 2. This issue is fixed in Icinga Web 2 in v2.6.4, v2.7.4 and v2.8.2...

7.5CVSS7.2AI score0.0328EPSS
Exploits1References3
CVE
CVE
added 2020/08/19 2:25 p.m.183 views

CVE-2020-24368

Summary: CVE-2020-24368 affects Icinga Web 2 (Icinga Web2) versions 2.0.0–2.6.4, 2.7.4 and 2.8.2, via a directory traversal vulnerability that allows access to arbitrary files readable by the web process. The issue is fixed in the same product series at versions 2.6.4, 2.7.4 and 2.8.2. Impact (as...

7.5CVSS7.2AI score0.0328EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2020/08/19 2:25 p.m.28 views

CVE-2020-24368

Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to access arbitrary files that are readable by the process running Icinga Web 2. This issue is fixed in Icinga Web 2 in v2.6.4, v2.7.4 and v2.8.2...

7.3AI score0.0328EPSS
Exploits1References7
Debian CVE
Debian CVE
added 2020/08/19 2:25 p.m.26 views

CVE-2020-24368

Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to access arbitrary files that are readable by the process running Icinga Web 2. This issue is fixed in Icinga Web 2 in v2.6.4, v2.7.4 and v2.8.2...

7.5CVSS7.4AI score0.0328EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2020/08/19 2:25 p.m.40 views

CVE-2020-24368

Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to access arbitrary files that are readable by the process running Icinga Web 2. This issue is fixed in Icinga Web 2 in v2.6.4, v2.7.4 and v2.8.2...

7.5CVSS7.4AI score0.0328EPSS
Exploits1
Openbugbounty
Openbugbounty
added 2020/03/24 2:45 p.m.8 views

web2.mbaa.debtpaypro.com Cross Site Scripting vulnerability

Security Researcher Gh05tPT Helped patch 6841 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting web2.mbaa.debtpaypro.com website and its users. Followin...

0.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/08/09 8:40 a.m.8 views

web2.gov.mb.ca XSS vulnerability

Open Bug Bounty ID: OBB-661245 Description| Value ---|--- Affected Website:| web2.gov.mb.ca Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2018/05/22 2:52 a.m.10 views

web2.nwwi.nl XSS vulnerability

Open Bug Bounty ID: OBB-619979 Description| Value ---|--- Affected Website:| web2.nwwi.nl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2018/04/24 9:8 p.m.9 views

web2.mtr.com.br XSS vulnerability

Open Bug Bounty ID: OBB-608022 Description| Value ---|--- Affected Website:| web2.mtr.com.br Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2018/01/07 2:58 a.m.25 views

web2.secure-secure.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-494427 Description| Value ---|--- Affected Website:| web2.secure-secure.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/10/15 5:17 p.m.13 views

web2.webmail.co.za XSS vulnerability

Vulnerable URL: http://web2.webmail.co.za/login.php?msg=%22%3E%3Cimg%20src=%22fpg.png%22%20onerror=confirm%27XSSPOSED%27%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 13.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 20169 VIP...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/10/13 2:2 a.m.18 views

web2.webmail.co.za XSS vulnerability

Vulnerable URL: http://web2.webmail.co.za/login.php?task=%22%3E%3Csvg/onload=alert/XSSPOSED/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 11.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 20169 VIP website status:| Yes...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/10/03 1:17 a.m.17 views

su-web2.nottingham.ac.uk XSS vulnerability

Vulnerable URL: http://su-web2.nottingham.ac.uk/ramsoc/pages/history////committeemember.php?name=" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 01.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP websi...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/09/29 1:1 a.m.9 views

web2.uconn.edu XSS vulnerability

Vulnerable URL: http://web2.uconn.edu/humcal/publicrsvp.php?id=13'"97 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Coordinated Disclosure Timeline: Description|...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/07/30 5:16 p.m.8 views

web2.gov.mb.ca XSS vulnerability

Vulnerable URL: https://web2.gov.mb.ca/bills/search/search.php?searchquery=%3Cscript%3E+alert%28%27OPENBUGBOUNTY%27%29+%3C%2Fscript%3E=Go%21= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.10.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Ale...

6.3AI score
Exploits0
Rows per page
Query Builder