Lucene search
K

7 matches found

NVD
NVD
added 2026/06/25 2:16 p.m.8 views

CVE-2026-56122

Winstone Servlet Engine through 0.9.10 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by sending HTTP GET requests with dot-dot-slash sequences that are not sanitized when serving static files from the configured webroot. Attackers can traver...

8.7CVSS0.00377EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 1:34 p.m.5 views

EUVD-2026-39397

Winstone Servlet Engine through 0.9.10 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by sending HTTP GET requests with dot-dot-slash sequences that are not sanitized when serving static files from the configured webroot. Attackers can traver...

8.7CVSS6AI score0.00377EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 1:34 p.m.13 views

CVE-2026-56122

Winstone Servlet Engine up to version 0.9.10 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by sending HTTP GET requests with dot-dot-slash sequences not sanitized when serving static files from the configured webroot. Attackers can traverse ...

8.7CVSS6AI score0.00377EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.9 views

PT-2026-52437

Name of the Vulnerable Software and Affected Versions Winstone Servlet Engine versions prior to 0.9.11 Description A path traversal flaw exists when serving static files from the configured webroot. Unauthenticated attackers can read arbitrary files accessible to the servlet engine process,...

8.7CVSS5.9AI score0.00377EPSS
Exploits0References5
Exploit DB
Exploit DB
added 2016/07/20 12:0 a.m.40 views

Wowza Streaming Engine 4.5.0 - Remote Privilege Escalation

...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/07/20 12:0 a.m.44 views

Wowza Streaming Engine 4.5.0 - Multiple Cross-Site Scripting Vulnerabilities

Wowza Streaming Engine 4.5.0 Multiple Cross-Site Scripting Vulnerabilities Vendor: Wowza Media Systems, LLC. Product web page: https://www.wowza.com Affected version: 4.5.0 build 18676 Platform: JSP Summary: Wowza Streaming Engine is robust, customizable, and scalable server software that powers...

7.4AI score
Exploits0
0day.today
0day.today
added 2016/07/20 12:0 a.m.68 views

Wowza Streaming Engine 4.5.0 - Multiple Cross-Site Scripting

Exploit for multiple platform in category web applications Wowza Streaming Engine 4.5.0 Multiple Cross-Site Scripting Vulnerabilities Vendor: Wowza Media Systems, LLC. Product web page: https://www.wowza.com Affected version: 4.5.0 build 18676 Platform: JSP Summary: Wowza Streaming Engine is...

7.1AI score
Exploits0
Rows per page
Query Builder