映射到 CWE-639,CWE-22 的搜索结果 (2053)

CVE-2018-6397(发布:2018-01-30 10:29:00)NM
CVSS5.0

[原文]Directory Traversal exists in the Picture Calendar 3.1.4 component for Joomla! via the list.php folder parameter.

CVE-2017-1279(发布:2018-01-26 16:29:00)NMPS
CVSS4.0

[原文]IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 124757.

CVE-2018-5445(发布:2018-01-24 22:29:00)NMS
CVSS5.0

[原文]A Path Traversal issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. An attacker has read access to files within the directory structure of the target device.

CVE-2018-1047(发布:2018-01-24 18:29:00)NM
CVSS2.1

[原文]A flaw was found in Wildfly 9.x. A path traversal vulnerability through the org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource method could lead to information disclosure of arbitrary local files.

CVE-2018-1048(发布:2018-01-24 18:29:00)NM
CVSS5.0

[原文]It was found that the AJP connector in undertow, as shipped in Jboss EAP 7.1.0.GA, does not use the ALLOW_ENCODED_SLASH option and thus allow the the slash / anti-slash characters encoded in the url which may lead to path traversal and result in the information disclosure of arbitrary local files.

CVE-2018-6184(发布:2018-01-24 05:29:01)NM
CVSS5.0

[原文]ZEIT Next.js 4 before 4.2.3 has Directory Traversal under the /_next request namespace.

12345678下一页尾页 第1页 / 共343页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站