traversal
-
A vulnerability was found in Novell ZENworks Configuration Management up to 10.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file UploadServlet of the component Remote Management Component. The manipulation of the argument filename as part of WAR File leads to path traversal. This vulnerability is handled…
-
A vulnerability was found in IBM Tivoli Access Manager up to 6.0. It has been classified as critical. This affects an unknown part. The manipulation of the argument pkmslogout leads to path traversal. This vulnerability is uniquely identified as CVE-2006-0513. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It…
-
A vulnerability, which was classified as problematic, has been found in Oracle JDeveloper 11.1.2.3.0/11.1.2.4.0/12.1.2.0.0. This issue affects some unknown processing of the component Java Server Faces. The manipulation leads to path traversal. The identification of this vulnerability is CVE-2013-3827. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to…
-
A vulnerability classified as problematic has been found in Oracle GlassFish Server 2.1.1/3.0.1/3.1.2. This affects an unknown part of the component Java Server Faces. The manipulation leads to path traversal. This vulnerability is uniquely identified as CVE-2013-3827. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to…
-
A vulnerability was found in Silverplatter WebSPIRS 3.3.1 and classified as problematic. Affected by this issue is some unknown functionality of the file webspirs.cgi. The manipulation of the argument sp.nextform with the input .. leads to path traversal. This vulnerability is handled as CVE-2001-0211. The attack may be launched remotely. Furthermore, there is an exploit…
-
Summary: Adobe has released a security bulletin (APSB24-107) addressing an arbitrary file system read vulnerability in ColdFusion, a web application server. The vulnerability, identified as CVE-2024-53961, can be exploited to read arbitrary files on the system, potentially leading to unauthorized access and data exposure. Threat Topography: Threat Type: Arbitrary File System Read; Industries Impacted: Technology,…
-
A vulnerability classified as problematic was found in Foobla Com Obsuggest up to 1.6.3. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument controller leads to path traversal. This vulnerability is known as CVE-2011-4804. The attack can be launched remotely. Furthermore, there is an exploit available. It…
-
A vulnerability was found in Icecast 1.3.7/1.3.8 Beta2/1.310 and classified as problematic. Affected by this issue is some unknown functionality of the component URL Encoding Handler. The manipulation leads to path traversal. This vulnerability is handled as CVE-2001-0784. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade…
-
A vulnerability classified as critical has been found in Nasir Khan asaanCart 0.9. This affects an unknown part of the file index.php. The manipulation of the argument page leads to path traversal. This vulnerability is uniquely identified as CVE-2012-5331. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
-
A critical vulnerability in the Spring Framework, tracked as CVE-2024-38819 (CVSS score 7.5), has been publicly disclosed, along with a proof-of-concept (PoC) exploit. This flaw allows attackers to conduct path traversal attacks, potentially granting them access to sensitive files on the server hosting the affected Spring application.
-
CVSS Meta Temp Score: 4.2; Current Exploit Price (≈): $0-$5k; CTI Interest Score: 0.29. A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been rated as problematic. Affected by this issue is the function backup of the file wetech-cms-master\wetech-basic-common\src\main\java\tech\wetech\basic\util\BackupFileUtil.java of the component Database Backup Handler. The manipulation of the argument name with an unknown…
-
It’s time to rev up those patch engines after SailPoint disclosed a perfect 10/10 severity vulnerability in its identity and access management (IAM) platform IdentityIQ.
-
Korenix JetPort 5601 1.2 Path Traversal – CXSecurity.com
-
CVSS Meta Temp Score CVSS is a standardized scoring system to determine possibilities of attacks. The Temp Score considers temporal factors like disclosure, exploit and countermeasures. The unique Meta Score calculates the average score of different sources to provide a normalized scoring system. Current Exploit Price (≈) Our analysts are monitoring exploit markets and are…
-
Popular document rendering engine Ghostscript has released a critical security update addressing multiple vulnerabilities, some of which could lead to remote code execution.
-
Overview: A critical path traversal vulnerability, CVE-2024-10470, has been identified in the WPLMS Learning Management System (LMS) theme for WordPress. This vulnerability enables unauthenticated attackers to read and delete arbitrary files on the server due to insufficient file path validation in the theme’s readfile and unlink functions.