映射到 CWE-22 的搜索结果 (2025)

CVE-2014-0115(发布:2017-10-30 12:29:00)NM
CVSS7.8

[原文]Directory traversal vulnerability in the log viewer in Apache Storm 0.9.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to log.

CVE-2014-3744(发布:2017-10-23 14:29:00)NMC
CVSS5.0

[CNNVD]St Module 目录遍历漏洞--St Module是美国软件开发者Isaac Z. Schlueter所研发的一个用于提供静态文件的节点模块。 St Module 0.2.5之前的版本中存在目录遍历漏洞,该漏洞源于程序没有充分过滤用户提交的输入。攻击者可利用该漏洞查看任意Web服务器上下文中的任意文件。 ...

CVE-2017-8805(发布:2017-10-17 14:29:00)NM
CVSS6.4

[原文]Debian ftpsync before 20171017 does not use the rsync --safe-links option, which allows remote attackers to conduct directory traversal attacks via a crafted upstream mirror.

CVE-2017-9367(发布:2017-10-16 17:29:00)NM
CVSS6.8

[原文]A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on the web server by crafting a URL with a manipulated POST request.

CVE-2014-3702(发布:2017-10-16 11:29:00)NM
CVSS6.4

[原文]Directory traversal vulnerability in eNovance eDeploy allows remote attackers to create arbitrary directories and files and consequently cause a denial of service (resource consumption) via a .. (dot dot) the session parameter.

CVE-2015-2856(发布:2017-10-10 09:29:00)NM
CVSS5.0

[原文]Directory traversal vulnerability in the template function in function.inc in Accellion File Transfer Appliance devices before FTA_9_11_210 allows remote attackers to read arbitrary files via a .. (dot dot) in the statecode cookie.

12345678下一页尾页 第1页 / 共338页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站